The Team will provide cybersecurity monitoring and policy enforcement of privileged users on the Sponsor’s information systems, for Sponsor’s use/oversight. They will, with Sponsor guidance and oversight, review all requests for privileged access on the Sponsor’s access request systems to consistently ensure requests are only approved if they meet all of the eligibility requirements mandated by the Sponsor’s policy regulations (including but not limited to clearances, training, and vetting), have the proper justification, and are appropriate to the user’s position and role in accordance with the Sponsor’s administration model. The team will ensure that all privileged accounts on the Sponsor’s enterprise information systems are reviewed at least annually and remove accesses (privileged or unprivileged) at Sponsor management direction when the access no longer meets the eligibility requirements specified in the Sponsor’s policy regulations or when directed by Sponsor management to neutralize a cybersecurity risk or personnel security risk. They will consistently implement reporting of all privileged users on all Sponsor information systems, with Sponsor guidance and oversight. Enterprise privileged users shall be reported at least on a daily basis and privileged users on non-enterprise Sponsor information systems shall be reported at least every 3 months with all of the information required to enforce Sponsor policy regulations on privileged users. The team will also provide security monitoring and policy enforcement over data transfers on Sponsor information systems, for Sponsor’s use/information and ensure officers with access to that transfer data meet and remain in compliance with all eligibility requirements specified in the Sponsor’s policy regulations, for Sponsor’s use/information. The Team, with Sponsor oversight, will also provide security monitoring and policy enforcement of a capability that provides remote access to the Sponsor’s primary network. The Contractor shall review requests for this access to ensure they comply with the Sponsor’s security requirements and shall, with Sponsor guidance, respond to questions from users and other stakeholders seeking security guidance related to this capability or seeking guidance on how to request and enroll in this capability.

1. (Mandatory) Demonstrated experience with access control methods and mechanisms and underlying technologies, including Active Directory, LDAP, access control mechanisms in cloud platforms, and NTFS.

2. (Mandatory) Demonstrated experience with access management on information systems.

3. (Mandatory) Demonstrated ability to work with administrators at all levels to ensure security policy is being followed.

4. (Mandatory) Demonstrated superior critical thinking skills and attention to detail.

5. (Mandatory) Demonstrated good security practices when handling sensitive security information.

6. (Mandatory) Demonstrated experience with the Sponsor's Account and Administration process.

7. (Mandatory) Demonstrated experience with the Sponsor's policies and regulations related to accounts, accesses, PKI, removable media, and privileged user oversight.

8. (Desired) Demonstrated experience with PowerShell, Shell Script (bash), and VBScript.

9. (Desired) Demonstrated knowledge of malware such as viruses, Trojan Horses, worms, etc.

10. (Desired) Demonstrated experience with data analytics.

11. (Desired) Demonstrated experience with mechanisms for restricting access to removable media on information systems.

12. (Desired) Demonstrated experience with multi-factor authentication technologies.

13. (Desired) Demonstrated experience documenting requirements for software systems.

14. (Desired) Demonstrated experience with agile development.

15. (Desired) Demonstrated experience briefing topics related to identity and access management to a wide variety of stakeholders.

16. (Desired) Demonstrated experience with excellent written and verbal communication skills.