DOCUMENT

1.05 CLP PWS Rev 2022.pdf

OVERVIEW

Original Source
Contract Opportunity
Date Originally Posted
Jan. 26, 2022, 9:21 a.m.
Type
.pdf
Size
0.69MB
Profiled People
None

DOCUMENT PREVIEW

EXTRACTED TEXT

PERFORMANCE WORK STATEMENT

1.0 BACKGROUND
The Navy Cyber Defense Operations Command (NCDOC) Cybersecurity Workforce Program Manager
(CSWF-PM) and the N7 Training Department are responsible for administering, managing and
facilitating the NCDOC Cybersecurity Workforce Qualification Program (CSWF-QP). The CWSF-QP is
NCDOC’s development program designed to develop a highly skilled Department of the Navy
Cybersecurity Workforce (CSWF) program. A common understanding of the cyber security concepts,
principles and application for each Department of Defense (DOD) category, level and functions to
enhance protection and availability of NCDOC information, information systems and networks. The
CWSF-QP establishes baseline skills among personnel performing Cyberspace IT or Cybersecurity
Workforce (Cyber IT/CSWF), Certification and Accreditation (C&A) and other IA related functions
within the NCDOC domain.

NCDOC requires all of its personnel to meet or exceed the CSWF requirements outlined in the SECNAV
M 5239.2. All certifications under the SECNAV M 5239.2 require attaining and reporting Continuing
Education Units (CEU); this is accomplished by attending a minimum of 20 hours of CPE’s annually in
the Cyber field according to the mandate of the SECNAV M-5239.2. Most, if not all, of the DON-
approved Cyber IT/CSWF certifications have a Continuous learning (CL) requirement in order to remain
certified. Certification agencies have various programs to describe their CL program (i.e., Continuous
Education, Certification Maintenance Unit, CEU, etc.). The Cyber IT/CSWF member must hold and
maintain their certification in accordance with the certification agency’s CL requirements.

NCDOC’s Training Department is responsible for providing the means for training for its personnel’s
professional development through a Continuous Learning Program (CLP) that incorporates this type of
course availability into its approved annual training budget and plan. Cyber Network Defense (CND) is
defined as the actions taken to protect, monitor, analyze, detect and respond to unauthorized activity
within DOD information systems and computer networks.

2.0 OBJECTIVE
The objective of this requirement is to provide high quality training services in support of NCDOC’s
CND CLP program that will maintain personnel CND proficiency, and provide the necessary technical
CPEs for advanced certification maintenance.

3.0 SCOPE
As a part of the CSWF-QP and CND CLP requirements, the training courses that are requested are a vital
component to the program curriculum as it hones significant CND competency skills and qualifies
personnel as effective members of the NCDOC CND-SP Team. The training program should provide the
adult training mode and scheduling flexibility best suited to the adult training needs of NCDOC
personnel, in a standard classroom setting when scheduled by NCDOC. As learning is an essential
attribute of high-performing individuals and organizations, it is therefore, a critical concept in
performance excellence. The course curriculum should all be ANSI and SECNAV M 5239.2 certified
courses and built on the Office of Personnel Management (OPM)’s National Initiative for Cybersecurity
Education (NICE) Cyber Core Competencies (CCCs): (1) Computer Network Defense, (2 Technology
Awareness, (3) Vulnerabilities Assessment, (4) Infrastructure Design, (5) Information Assurance, and (6)
Information Systems/Network Security.

4.0 DEFINITIONS
ANSI – American National Standards Institute
CCC- Cyber Core Competency
CND – Cyber Network Defense

DRAFTCEU – Continuing Education Units
CPE – Continuing Professional Education Credit
GIG – Global Information Grid
ISSM – Information Systems Security Manager
IAPM – Information Assurance Program Manager
CWSF-QP - Cyber Workforce Qualification Program
NCDOC – Navy Cyber Defense Operation Command
NICE – National Initiative on Cyber Education

5.0 SPECIFIC PERFORMANCE REQUIREMENTS AND TASKS

5.1 – NCDOC Training Account. The NCDOC Training Account should be continuously updated to
reflect the training funds invested and be managed by the NCDOC N7 Training Department.

5.1.1 Program Core Curriculum
Core Curriculum should at the minimum consist of the following courses of interest:
A. Certification Courses

a. EC-Councils’ Certified Ethical Hacker (CEH)/Network Forensic Analysis (NFA)

The Government anticipates 6 classes per year with a minimum of 90 students per year.
Additional courses shall be available as validated via the N7 Training Department based on individual
requirement and the operational necessity.

6.0 DELIVERABLES
1) Training Account

a) The Contractor shall provide on-line secure account registrations for NCDOC Training
Department to access and request class vouchers from the Training Account.
b) The Contractor shall inform NCDOC Training Department of courses available and any changes
or updates to the curriculums of courses available.
c) The Contractor shall provide the courses to approved participants in traditional scheduled
classroom on the dates agreed upon between the Training Department and the Contractor.
2) Command and Control – The contractor shall provide an automated means for controlling courses
offered, and limiting the approval of course requested by NCDOC to the designated Training Department
person and his/her designated Alternate.
3) The Contractor will inform the Training Department of Courses Requested, Completed, and Exam
Status.

7.0 TRAVEL
There will be no travel requirements for this PWS.

8.0 SECURITY
Performance of this task is UNCLASSIFIED. An interaction with the Training account is limited to
accessing a secure commercial website through a User account based on the NCDOC Training
Department e-mail account.

DRAFT

DRAFT