Broadleaf, Inc has been featured as one of Inc. Magazine's "Top 5000 fastest growing companies". Broadleaf, Inc has established itself as #20 (2021) from #146 (2020), #733 (2019), and #1730 (2018). www.inc.com/profile/broadleaf
Founded in 2009 and headquartered in Virginia, Broadleaf is a Native Hawaiian Organization (NHO) owned small business. We are a mature 8(a) firm who has achieved Capability Maturity Model Integration (CMMI) Level 3 for Development, CMMI Level 3 for Services, and ISO 9001, ISO 27001, and ISO 14001 certifications. These quality improvement programs directly influence our management and technical solutions. Unlike other small businesses, our certifications prove that we have mature processes and procedures which will be used to deliver a high-quality service to our clients. What is an NHO? Native Hawaiian Organization or NHO is a community service organization serving Native Hawaiians in the State of Hawaii which is a not-for-profit organization chartered by the State of Hawaii, is controlled by Native Hawaiians, and whose business activities will principally benefit such Native Hawaiians.
Our NHO’s Mission NHO is a non-profit organization designed to benefit the Hawaii people through the development and advocacy of Science, Technology, Engineering and Math (STEM) education and by promoting Hawaii’s role as America’s Gateway to the Pacific. Our NHO supports this missions through an agenda that facilitates community resilience, development, economic prosperity, and strengthens Hawaii’s relationships with its Asia-Pacific neighbors.
Intrusion detection, finding and fixing unprotected vulnerabilities, ensuring that remote access points are well secured
Collecting data from a variety of Computer Network Defense (CND) tools (including data from approved information assurance (IA) tools to include intrusion detection system alerts, firewall and network traffic logs, and host system logs) to analyze events that occur within their environment.
Performing audit function for the Agent of the Certification Authority (ACA) or other government Information Assurance (IA) Manager for mitigation of risks and reporting to include report generation for certification and accreditation packages or Certification of Networthiness efforts.
Perform assessments of systems and networks within the Network Environment (NE) or enclave and identify where those systems/networks deviate from acceptable configurations, enclave policy, or local policy.
Perform passive evaluations (compliance audits) and active evaluations (penetration tests and/or vulnerability assessments)
Perform security certification engineering analysis, vulnerability assessments, and risk assessments
Develop methods to improve the security of networks, platforms and data
Five (5) years of professional cybersecurity experience in the execution of the Risk Management Framework (RMF) process for information systems, eMASS, Information Assurance Vulnerability Management (IAVM) processes.
Experience conducting vulnerability scans and Security Technical Implementation Guide (STIG) analysis, Software Assurance (SwA), and vulnerability assessments for risk mitigations and remediation.
Experience with managing the Plan of Action and Milestones (POA&M), Continuous Monitoring, and Federal Information System Management Act (FISMA) compliance.
A Bachelor's Degree in Computer Science, or other Engineering or Technical discipline with an Information Security or Cyber Security Concentration
Advanced Degree with concentration in Information Security or Cyber Security preferred
DoD IAT Level II (Security+ Certification preferred)