What Jobs are available for Document Management in Bahrain?

Sensitive Compartment Information Facility Management

NSA Bahrain

The Sensitive Compartmented Information Facility (SCIF) Management assists the United States Marine Corps Forces, Central Command (MARCENT) and subordinate commands by serving within the 5th MEB task area. The position's primary mission involves assisting in the conduct of tactical level command and control of Marine Corps forces within CENTCOM's AOR in Bahrain. The SCIF Management directly conducts planning in support of contingencies, exercises, and executes Naval Integration actions, including operational and administrative support of the SCIF to ensure the efficient execution of MARCENT OAMS tasks both within the continental United States (CONUS) and outside the continental United States (OCONUS). The SCIF Management will perform the following duties:

ESSENTIAL DUTIES AND RESPONSIBILITIES

• Provide SCIF management services. These services include operational support of SCIF to the G-2 Special Security Office.
• Execute all special security tasks, including physical, personnel, and information security at the SCI level.
• Assist in managing the operations and administration of the SCIF.
• Maintain SCIF operational records and accreditation documents to ensure compliance, implementation, and interpretation of all applicable security directives.
• Oversee the accounting, storage, and destruction / disposition of SCI material.
• Report SCI violations, security incidents, and develop damage and risk assessments.
• Provide expert level security support services (including intelligence community security expertise) and, specialized knowledge of SCI security programs, and adjudication of SCI access and investigation data via the use of DISS and NBIS.

EDUCATION

• HS diploma or equivalent required.

EXPERIENCE

• Minimum ten years of military experience.
• Experience managing Sensitive Compartmented Information Facilities (SCIFs) in a military or intelligence community environment, demonstrating a thorough understanding of SCIF operations and security requirements.
• Experience executing special security tasks, including physical, personnel, and information security at the SCI level.
• Experience with security management systems such as DISS and NBIS, demonstrating expertise in adjudicating SCI access and investigation data.

CORE SKILLS/COMPETENCIES

Required Knowledge, Skills and Abilities

• Expertise in SCI security programs and standards, with the ability to apply security directives and compliance measures effectively.
• Proficiency in security incident management, including the ability to report violations, conduct risk assessments, and develop damage control measures.
• Attention to detail and analytical skills necessary for maintaining security and ensuring compliance with all applicable directives and regulations.
• Advanced proficiency with groupware applications (SharePoint, MS Teams) and the Microsoft Office suite (Word, Power Point, Excel, etc.) desired.
• Strong written and verbal communication skills desired.

WORKING CONDITIONS

• Required to sit for extended periods of time and maintain focus.

SPECIAL POSITION NOTATIONS

• Travel is required.
• Qualification as an authorized company driver is required. All authorized company drivers must have a valid driver's license, current automobile insurance, and a driving record that is acceptable to the company's auto insurance provider.

SECURITY CLEARANCE

• A TS/SCI clearance is required for this position.

This position description outlines the general responsibilities and requirements for the stated position and in no way is an exhaustive list. The company maintains the right to assign or reassign responsibilities to this position at any time.

• Develop, implement, and maintain the organization's vulnerability management program.
• Conduct regular vulnerability scans and penetration tests across networks, applications, and systems.
• Analyze scan results to identify and prioritize critical vulnerabilities based on risk and potential impact.
• Collaborate with IT operations, development, and business units to develop and track remediation plans.
• Provide expert guidance and support to teams responsible for patching and configuration management.
• Evaluate the effectiveness of existing security controls and recommend improvements.
• Generate regular reports on vulnerability status, remediation progress, and key risk indicators for management.
• Stay abreast of the latest vulnerability trends, exploits, and security best practices.
• Assist in the development and maintenance of security policies and procedures related to vulnerability management.
• Participate in security incident response activities as needed.

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.
• Minimum of 5 years of experience in information security, with a dedicated focus on vulnerability management.
• Proven experience with vulnerability scanning tools (e.g., Nessus, Qualys, Rapid7) and penetration testing methodologies.
• Strong understanding of common vulnerabilities, exploits, and security best practices.
• Knowledge of network security, system hardening, and secure coding principles.
• Ability to analyze complex technical data and translate it into actionable remediation steps.
• Excellent communication, collaboration, and reporting skills.
• Ability to work independently, manage workload effectively, and meet deadlines in a remote setting.
• Relevant certifications such as CISSP, CEH, or CompTIA Security+ are a plus.

• Conduct regular vulnerability scans and penetration tests across all network devices, servers, and applications.
• Analyze scan results, identify false positives, and prioritize vulnerabilities based on risk, exploitability, and asset criticality.
• Develop and manage a comprehensive vulnerability management program, including policy, procedures, and reporting.
• Collaborate with IT operations and development teams to ensure timely and effective remediation of identified vulnerabilities.
• Track the progress of remediation efforts and verify the effectiveness of implemented fixes.
• Maintain an accurate inventory of all IT assets and their associated vulnerabilities.
• Research and stay current on the latest vulnerability disclosures, exploits, and cybersecurity threats.
• Develop and present vulnerability assessment reports and metrics to management and stakeholders.
• Provide guidance and support to technical teams on remediation strategies and secure coding practices.
• Contribute to security architecture reviews and provide recommendations for hardening systems and applications.
• Participate in incident response activities as needed, particularly concerning exploited vulnerabilities.
• Ensure compliance with industry standards and regulatory requirements related to vulnerability management.
• Work effectively within the **Sanad, Capital, BH** office environment, fostering strong relationships with internal teams.

• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field; relevant certifications (e.g., CEH, CompTIA Security+, CISSP) are highly desirable.
• Minimum of 4-6 years of experience in information security, with a specific focus on vulnerability assessment and management.
• Proven experience with vulnerability scanning tools (e.g., Nessus, Qualys, Rapid7) and penetration testing methodologies.
• Strong understanding of network protocols, operating systems (Windows, Linux), web application security, and common vulnerabilities (e.g., OWASP Top 10).
• Excellent analytical, problem-solving, and risk assessment skills.
• Proficiency in scripting languages (e.g., PowerShell, Python) for automation is a plus.
• Strong communication and interpersonal skills, with the ability to explain technical risks to diverse audiences.
• Ability to work independently and manage multiple projects simultaneously.
• Experience with security frameworks and compliance standards (e.g., ISO 27001, NIST).
• Familiarity with cloud security best practices (AWS, Azure, GCP) is an advantage.

• Conduct comprehensive information security risk assessments, vulnerability analyses, and penetration tests.
• Develop, implement, and maintain information security policies, standards, and procedures.
• Design and manage security awareness training programs for employees.
• Monitor security infrastructure and systems for potential threats and breaches.
• Investigate and respond to security incidents, performing root cause analysis and implementing corrective actions.
• Evaluate and recommend security technologies and solutions to enhance the organization's security posture.
• Collaborate with IT teams to ensure secure system configurations and network architecture.
• Stay current with evolving cybersecurity threats, vulnerabilities, and regulatory compliance requirements.
• Develop and manage third-party risk assessments for vendors and partners.
• Contribute to the development and testing of business continuity and disaster recovery plans.
• Prepare regular reports on security risks, incidents, and compliance status for management.

• Conduct comprehensive information security risk assessments and vulnerability analyses.
• Develop, implement, and maintain risk management frameworks and policies.
• Identify and classify potential security threats and vulnerabilities.
• Recommend and implement security controls and countermeasures to mitigate identified risks.
• Perform security audits and compliance checks against industry standards (e.g., ISO 27001, NIST).
• Monitor security systems and alerts for potential incidents.
• Assist in the development and execution of incident response plans.
• Provide security awareness training and guidance to employees.
• Stay current with the latest cybersecurity threats, trends, and technologies.
• Collaborate with IT teams to ensure secure system configurations and deployments.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 5 years of experience in information security, with a focus on risk management and compliance.
• Strong knowledge of cybersecurity principles, threat modeling, and risk assessment methodologies.
• Experience with GRC tools and frameworks is a significant advantage.
• Understanding of relevant security standards and regulations.
• Excellent analytical and problem-solving skills.
• Strong written and verbal communication skills.
• Relevant security certifications such as CISSP, CISM, or CRISC are highly desirable.
• Ability to work effectively in a team-oriented environment.