GSA Schedule

    GSA_Schedule_Contract

    GSA Contract Number GS-35F-0625S

    Below you will find COACT GSA Schedule of labor categories and a brief description of each category. The period covered by our GSA schedule is from September 15, 2011 through September 14, 2016.

    For more information on our GSA Schedule, please contact info@coact.com

    Program Manager

    Duties include but are not limited to overall management of technical tasks, testing installation, training, maintenance, security, certifications and lab accreditations. Provides supervisory technical and administrative direction for personnel performing tasks, including review of work products for correctness, adherence to the design concept, adherence to Government regulations and Common Criteria/FIPS 140 standards.

    back to top

    Information Security Technician I

    A Security Technician (STI) under general supervision, analyzes user needs and current security regulations and guidelines to determine security functional requirements and assurance levels. Accomplishes functional allocation to identify tasks to be done and interrelationships. Identifies resource(s) required. A STI has the job skills to work on various types of computer equipment and systems to perform testing under the supervision of a senior. A STI participates in formal analysis and security testing of devices implementing cryptography to the FIPS 140-2 standard under the guidance of senior personnel. A STI participates in formal analysis and testing under the guidance of senior personnel to confirm compliance to the Common Criteria requirements and or FIPS 140 Standards. A STI participates in the evaluation of a Security Target and/or a Protection Profiles under the Common Criteria Scheme.

    back to top

    Information Security Technician II

    A Security Technician (STII) has the job skills to work on various computer equipment and systems by performing one or a combination of the following: installing, troubleshooting, and testing. The STII has the skill to analyze the security functionality of various IT products. A STII participates in the evaluation of a Security Target and/or a Protection Profiles under the Common Criteria Scheme. A STII participates in formal analysis and security testing of devices implementing cryptography to the FIPS 140-2 standard under the guidance of senior personnel. A STII participates in formal analysis and testing under the guidance of senior personnel to confirm compliance to the Common Criteria requirements and or FIPS 140 Standards. A STII evaluates Security Target and/or Protection Profile under the Common Criteria Scheme.

    back to top

    Information Security Technician III

    A Security Technician (STIII) has the job skills to work on various network types of equipment and systems by performing one or a combination of the following: installing, troubleshooting, and testing. The STIII has the skill to analyze the security functionality of various IT products. A STIII develops Security Targets and Protection Profiles under the Common Criteria Scheme. A STIII participates in formal analysis and security testing of devices implementing cryptography to the FIPS 140-2 standard under the guidance of senior personnel. A STIII participates in formal analysis and testing under the guidance of senior personnel to confirm compliance to the Common Criteria requirements and or FIPS 140 Standards. A STIII evaluates Security Target and/or Protection Profile under the Common Criteria Scheme.

    back to top

    Security Engineer I

    A Security Engineer (SEI) has a knowledge and understanding of network protocols. The SEI is familiar with Common Criteria Language, and FIPS-140. A SEI develops Security Targets and Protection Profiles under the Common Criteria Scheme. A SEI participates in formal analysis and security testing of devices implementing cryptography to the FIPS 140-2 standard with little guidance of senior personnel. A SEI participates in formal analysis and testing with little guidance of senior personnel to confirm compliance to the Common Criteria requirements and or FIPS 140 Standards. A SEI evaluates Security Target and/or Protection Profile under the Common Criteria Scheme. The SEI can assist in building test networks or system prototypes, performing equipment set-up, testing, and participating in test report writing.

    back to top

    Security Engineer II

    A Security Engineer II (SEII) shall have experience in the application of large system engineering processes and familiarity with computer aided tools for system engineering, requirements analysis, decomposition, and requirements traceability. The SEII shall have detailed understanding of information security into systems operation and has the ability integrate evolving security requirements into systems. The SEII shall have expertise in engineering secure networks. The SEII shall be thoroughly versed in the systems level design and development of large software systems. The SEII has expertise with Common Criteria Language, and FIPS-140.

    back to top

    Security Engineer III

    A Security Engineer (III) (SEIII) has a high level knowledge and understanding of network protocols. The SEIII has expert knowledge of Common Criteria Language, and FIPS 140 standards. The SEIIII has the job skills to work on various network types of equipment and related devices from a security protection emphasis to include installing; troubleshooting; modifying; testing. SEIII can independently build test network or system prototypes, performing equipment set-up, testing, and participating in test report writing. The SEIII has the ability to develop attack programs to verify security assurance and weakness capability. Gathers and organizes technical information about an organization’s missions, goals, and requirements, existing security products, and ongoing programs in the IA arena. Performs a variety of routine project tasks applied to specialized technology problems. Tasks involve integration of electronic processes or methodologies to resolve total system problems, or technology problems as they relate to IA requirements. Conducts security assessments and security consulting services. Analyzes information security requirements. Performs certification for C&A processes for the accreditations of systems. The SEIII performs vulnerability analysis and assessment using either government or commercial off the shelf technologies.

    back to top

    Security Analyst I

    A Security Analyst I (SAI) shall be able to perform the following tasks, with minimal direction: developing and preparing technical documents; writing technical papers, interaction with customers to gather design and development inter-networking concepts, theories, and information; perform technical engineer duties to include but not be limited to installation of inter-networking equipments, setup test equipments, execute tests according to written procedures, and document test results in a meaningful format for future integration into test result reports. The SAI shall understand inter-networking, networks, and computer concepts, and have technical expertise in engineering secure network. The SAI shall possess personnel computer skills at a level where they can capture preliminary and detailed information to complete follow-on tasks. The SAI shall have detailed understanding of the Common Criteria Scheme, Security Target development and participate in formal analysis and testing under the Common Criteria Scheme for product evaluations. A SAI shall have the knowledge and job skills to work directly with senior level personnel to accomplish goals and tasks. A SAI shall be required to initiate tasks, and complete them under the direction of a Program Manager. Performs certification for C&A processes for the accreditations of systems. The SAI performs vulnerability analysis and assessment using either government or commercial off the shelf technologies.

    back to top

    Security Analyst II

    A Security Analyst II (SAII) independently perform the following tasks: developing and preparing technical documents; writing technical papers, interaction with customers to gather design and development inter-networking concepts, theories, and information; perform technical engineer duties to include but not be limited to installation of inter-networking equipments, setup test equipments, execute tests according to written procedures, and document test results in a meaningful format for future integration into test result reports. A SAII understands, networks, and computer concepts, and has personnel computer skills at a level where he/she can independently capture preliminary and detailed information to complete follow-on task. The SAII shall have expertise knowledge of the Common Criteria Scheme, Security Target development, and Protection Profile development. A SAII shall have the knowledge and job skills to work directly with senior level personnel to accomplish goals and tasks. A SAII shall be required to initiate tasks, and complete them under the direction of a Program Manager. Performs certification for C&A processes for the accreditations of systems. The SAII performs vulnerability analysis and assessment using either government or commercial off the shelf technologies.

    back to top

    Security Analyst III

    The Security Analyst III (SAIII) works on complex application problems involving all phases of systems analysis to provide IA solutions. The SAIII provides technical support for testing and integration tasks, including the review of work products for correctness, adherence to the design concept and to user standards. The SAIII has expert knowledge of IA products and IA-enabling products such as PKI, VPN, Firewalls, Intrusion Detection Systems, etc. Reviews and recommends IA solutions to customer problems based on an understanding of how products and services interrelate and support the IA mission and the viewpoints of the consumers of those products and services.. The SAIII shall have detailed understanding of the Common Criteria Scheme, Security Target development, Protection Profile development. A Security Analyst shall be required to initiate tasks, and complete them independently. Performs certification for C&A processes for the accreditations of systems. The SAIII performs vulnerability analysis and assessment using either government or commercial off the shelf technologies.

    back to top

    Systems Administrator

    Oversees and manages day to day configuration and operation of Information Systems. Optimize system operation and resource utilization, and performs system capacity planning/analysis while maintaining the security posture. Provides assistance to users in accessing and using support systems. Modifies non-routine system hardware and software as required to ensure system availability, security, and functionality. Responsible for the daily operational availability of hardware and software systems required to support system operations. Conducts scheduled testing and review of hardware and software to ensure potential problems are identified at the earliest point possible. Ensures documentation is prepared for all hardware and software adjustments and modifications. Ensures adjustments and repairs on hardware and software problems are accomplished as the need is detected. Ensures systems backup is scheduled and accomplished for major systems. May supervise the hardware and software maintenance personnel and activities.

    back to top