| |
Below you will find COACT GSA Schedule of labor categories, hourly pricing information, and a brief description of each category. The period covered by our GSA schedule is from September 15, 2011 through September 14, 2016.
A full catalog file, in PDF format, containing more details can be downloaded here - COACT GSA Schedule. For more information on our GSA Schedule, please contact GSA@coact.com
Program Manager
Duties include but are not limited to overall management of technical tasks, testing installation, training, maintenance, security, certifications and lab accreditations. Provides supervisory technical and administrative direction for personnel performing tasks, including review of work products for correctness, adherence to the design concept, adherence to Government regulations and Common Criteria/FIPS 140 standards.
back to top
Information Security Technician I
A Security Technician (STI) under general supervision, analyzes user needs and current security regulations and guidelines to determine security functional requirements and assurance levels. Accomplishes functional allocation to identify tasks to be done and interrelationships. Identifies resource(s) required. A STI has the job skills to work on various types of computer equipment and systems to perform testing under the supervision of a senior. A STI participates in formal analysis and security testing of devices implementing cryptography to the FIPS 140-2 standard under the guidance of senior personnel. A STI participates in formal analysis and testing under the guidance of senior personnel to confirm compliance to the Common Criteria requirements and or FIPS 140 Standards. A STI participates in the evaluation of a Security Target and/or a Protection Profiles under the Common Criteria Scheme.
back to top
Information Security Technician II
A Security Technician (STII) has the job skills to work on various computer equipment and systems by performing one or a combination of the following: installing, troubleshooting, and testing. The STII has the skill to analyze the security functionality of various IT products. A STII participates in the evaluation of a Security Target and/or a Protection Profiles under the Common Criteria Scheme. A STII participates in formal analysis and security testing of devices implementing cryptography to the FIPS 140-2 standard under the guidance of senior personnel. A STII participates in formal analysis and testing under the guidance of senior personnel to confirm compliance to the Common Criteria requirements and or FIPS 140 Standards. A STII evaluates Security Target and/or Protection Profile under the Common Criteria Scheme.
back to top
Information Security Technician III
A Security Technician (STIII) has the job skills to work on various network types of equipment and systems by performing one or a combination of the following: installing, troubleshooting, and testing. The STIII has the skill to analyze the security functionality of various IT products. A STIII develops Security Targets and Protection Profiles under the Common Criteria Scheme. A STIII participates in formal analysis and security testing of devices implementing cryptography to the FIPS 140-2 standard under the guidance of senior personnel. A STIII participates in formal analysis and testing under the guidance of senior personnel to confirm compliance to the Common Criteria requirements and or FIPS 140 Standards. A STIII evaluates Security Target and/or Protection Profile under the Common Criteria Scheme.
back to top
Security Engineer I
A Security Engineer (SEI) has a knowledge and understanding of network protocols. The SEI is familiar with Common Criteria Language, and FIPS-140. A SEI develops Security Targets and Protection Profiles under the Common Criteria Scheme. A SEI participates in formal analysis and security testing of devices implementing cryptography to the FIPS 140-2 standard with little guidance of senior personnel. A SEI participates in formal analysis and testing with little guidance of senior personnel to confirm compliance to the Common Criteria requirements and or FIPS 140 Standards. A SEI evaluates Security Target and/or Protection Profile under the Common Criteria Scheme. The SEI can assist in building test networks or system prototypes, performing equipment set-up, testing, and participating in test report writing
back to top
Security Engineer II
A Security Engineer II (SEII) shall have experience in the application of large system engineering processes and familiarity with computer aided tools for system engineering, requirements analysis, decomposition, and requirements traceability. The SEII shall have detailed understanding of information security into systems operation and has the ability integrate evolving security requirements into systems. The SEII shall have expertise in engineering secure networks. The SEII shall be thoroughly versed in the systems level design and development of large software systems. The SEII has expertise with Common Criteria Language, and FIPS-140.
back to top
Security Engineer III
A Security Engineer (III) (SEIII) has a high level knowledge and understanding of network protocols. The SEIII has expert knowledge of Common Criteria Language, and FIPS 140 standards. The SEIIII has the job skills to work on various network types of equipment and related devices from a security protection emphasis to include installing; troubleshooting; modifying; testing. SEIII can independently build test network or system prototypes, performing equipment set-up, testing, and participating in test report writing. The SEIII has the ability to develop attack programs to verify security assurance and weakness capability. Gathers and organizes technical information about an organization's missions, goals, and requirements, existing security products, and ongoing programs in the IA arena. Performs a variety of routine project tasks applied to specialized technology problems. Tasks involve integration of electronic processes or methodologies to resolve total system problems, or technology problems as they relate to IA requirements. Conducts security assessments and security consulting services. Analyzes information security requirements. Performs certification for C&A processes for the accreditations of systems. The SEIII performs vulnerability analysis and assessment using either government or commercial off the shelf technologies.
back to top
Security Analyst I
A Security Analyst I (SAI) shall be able to perform the following tasks, with minimal direction: developing and preparing technical documents; writing technical papers, interaction with customers to gather design and development inter-networking concepts, theories, and information; perform technical engineer duties to include but not be limited to installation of inter-networking equipments, setup test equipments, execute tests according to written procedures, and document test results in a meaningful format for future integration into test result reports. The SAI shall understand inter-networking, networks, and computer concepts, and have technical expertise in engineering secure network. The SAI shall possess personnel computer skills at a level where they can capture preliminary and detailed information to complete follow-on tasks. The SAI shall have detailed understanding of the Common Criteria Scheme, Security Target development and participate in formal analysis and testing under the Common Criteria Scheme for product evaluations. A SAI shall have the knowledge and job skills to work directly with senior level personnel to accomplish goals and tasks. A SAI shall be required to initiate tasks, and complete them under the direction of a Program Manager. Performs certification for C&A processes for the accreditations of systems. The SAI performs vulnerability analysis and assessment using either government or commercial off the shelf technologies.
back to top
Security Analyst II
A Security Analyst II (SAII) independently perform the following tasks: developing and preparing technical documents; writing technical papers, interaction with customers to gather design and development inter-networking concepts, theories, and information; perform technical engineer duties to include but not be limited to installation of inter-networking equipments, setup test equipments, execute tests according to written procedures, and document test results in a meaningful format for future integration into test result reports. A SAII understands, networks, and computer concepts, and has personnel computer skills at a level where he/she can independently capture preliminary and detailed information to complete follow-on task. The SAII shall have expertise knowledge of the Common Criteria Scheme, Security Target development, and Protection Profile development. A SAII shall have the knowledge and job skills to work directly with senior level personnel to accomplish goals and tasks. A SAII shall be required to initiate tasks, and complete them under the direction of a Program Manager. Performs certification for C&A processes for the accreditations of systems. The SAII performs vulnerability analysis and assessment using either government or commercial off the shelf technologies.
back to top
Security Analyst III
The Security Analyst III (SAIII) works on complex application problems involving all phases of systems analysis to provide IA solutions. The SAIII provides technical support for testing and integration tasks, including the review of work products for correctness, adherence to the design concept and to user standards. The SAIII has expert knowledge of IA products and IA-enabling products such as PKI, VPN, Firewalls, Intrusion Detection Systems, etc. Reviews and recommends IA solutions to customer problems based on an understanding of how products and services interrelate and support the IA mission and the viewpoints of the consumers of those products and services.. The SAIII shall have detailed understanding of the Common Criteria Scheme, Security Target development, Protection Profile development. A Security Analyst shall be required to initiate tasks, and complete them independently. Performs certification for C&A processes for the accreditations of systems. The SAIII performs vulnerability analysis and assessment using either government or commercial off the shelf technologies.
back to top
Systems Administrator
Oversees and manages day to day configuration and operation of Information Systems. Optimize system operation and resource utilization, and performs system capacity planning/analysis while maintaining the security posture. Provides assistance to users in accessing and using support systems. Modifies non-routine system hardware and software as required to ensure system availability, security, and functionality. Responsible for the daily operational availability of hardware and software systems required to support system operations. Conducts scheduled testing and review of hardware and software to ensure potential problems are identified at the earliest point possible. Ensures documentation is prepared for all hardware and software adjustments and modifications. Ensures adjustments and repairs on hardware and software problems are accomplished as the need is detected. Ensures systems backup is scheduled and accomplished for major systems. May supervise the hardware and software maintenance personnel and activities.
back to top
Quality System Manager
The QSM will support the implementation of quality processes and procedures. The QSM will work to ensure that the Quality System is consistently employed in the day-to-day operations. The QSM will monitor proprietary information and document control and conduct inventories as required. He/she will perform audits to ensure a current state of the following Quality records/items: Evaluation Records, Document Control Records, Destruction Records, Reproduction Procedures and Records, and Maintenance Records. The QSM is responsible for the accreditation of the Common Criteria Lab and the FIPS 140 lab under the NVLAP guidelines. The QSM is also responsible for the ISO 9000 recertification.
As secondary functions, the QSM will perform technical writing and reviews in support of the Certification and Accreditation contracts. The QSM will be able to produce and/or edit technical reports. He/she must be able to consolidate technical input and analysis and output a logical, understandable report. He/she must be able to format and produce clean publishable documents.
back to top
Technical Writer
Writes and edits a variety of technical documents for audiences with varied levels of knowledge and interest on the subjects covered. Write or edit technical documents describing the features, functions, installation, software, and hardware of computer systems. Work with subject specialists to write and edit evaluation papers, system proposals, internal software and system documentation, user manuals, and training course materials for computer systems. Write or edit a variety of management reports (progress reports, status briefings) administrative papers, and support for the COACT bid and proposal team.
back to top
Administrative Support
This professional level includes clerical personnel, administrative services personnel, illustrator/graphics personnel, technical editors, and technical publications personnel. Performs administrative duties in a staff activity. Performs specialized assignments relating to typing, word processing, graphics illustration using computers with very little direction. Performs a variety of support services such as operation of reproduction equipment to produce large volumes of documents, courier service and mail service, etc.
back to top
For more information on our GSA Schedule, please contact GSA@coact.com
|
|
