Scientific Research Corporation is an advanced information technology engineering company that provides innovative products and services to government and private industry, as well as independent institutions. At the core of our capabilities is a seasoned team of highly skilled engineers and scientists with multidisciplinary backgrounds. This team is challenged daily to provide cutting edge technology solutions to our clients.
PRIMARY DUTIES & RESPONSIBILITIES:
* Provide IAM Level III support * Support joint and service-level C4ISR system and mission requirements * Perform Cyber Security Certification and Accreditation (C&A)/Assessment and Authorization (A&A) of new and existing systems * Identify, refine, and document cyber security requirements and support the C&A/A&A of systems, software, and services in accordance with relevant guidance to include DoDI 8500.01, 'Cybersecurity', DoDI 8510.01 'Risk Management Framework (RMF) for DoD Information Technology (IT)', and Intelligence Community Directive 503 (ICD 503) Information Assurance controls as they pertain to the DIACAP, the Risk Management Framework, and the ICD 503 processes * Plan, perform, and analyze cyber security Test and Evaluation (T&E) events for systems, software, and service * Prepare and review cyber security documentation and establish procedures and processes to monitor progress toward customer organizational objectives * Identify potential security issues in software configurations, recommend corrective actions, communicate issues, and monitor progress, while performing vulnerability management and notify leadership of alerts, bulletins, and technical advisories * Maintain a strong relationships with US Cyber Command (USCYBERCOM), Navy Authorizing Official (NAO), and SPAWAR Echelon II entities, and perform other C&A/A&A duties as required * Maintain annual compliance requirements as mandated by the Federal Information Security Management Act (FISMA) * Perform vulnerability assessments, mitigation and reporting using DoD and DISA mandated and/or approved tools and evaluate the results for compliance with Federal and DoD Cybersecurity requirements
Scientific Research Corporation offers a competitive salary, an extensive benefits package and a work environment that encourages excellence. Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information.
Scientific Research Corporation is an equal opportunity and affirmative action employer that does not discriminate in employment.
All qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, sexual orientation, gender identity, or national origin, disability or protected veteran status.
MINIMUM SKILLS & REQUIREMENTS:
* Knowledge of procedures for assessing, evaluating, and monitoring programs or projects for compliance the Department of Defense, DISA, NIST and other federal and agency organizations * Knowledge of defensive measures to detect, respond to, and protect information, information systems, and networks from threats * Knowledge of principles and methods for planning or managing the implementation, update, or integration of information systems components * Knowledge of methods, tools, and procedures, including development of information security plans, to prevent information systems vulnerabilities, and provide or restore security of information systems and network services * Knowledge of computer network defense devices, operating systems and their applications * Knowledge of the laws, regulations, and guidelines related to securing personnel, facilities, and information, including the requirements for handling, transporting, and protecting classified information and proper reporting of security incidents * Knowledgeable and experienced with DIACAP phases, activities, tools, and resources * Knowledgeable and experienced with RMF phases, activities, tools, and resources * Knowledgeable and experienced with ICD 503 phases, activities, tools, and resources * Experience managing IT projects for system (C&A/A&A) for USN Validation activities * C&A/A&A tool and system experience in eMASS and XACTA * Shall contribute and be familiar with guidance on current and dynamic computer security requirements, best practices, and information system/network hardening techniques and consult and contribute on Policy, Procedure, and Guideline development * Knowledge of National Institute of Science and Technology (NIST) and Defense Information Systems Agency (DISA) standards, guidelines, and requirements as related to Cybersecurity and Risk Management * Knowledge of common and DOD specific network/communication protocols, processes, and architectures * Experience in administering and hardening Microsoft Windows and other operating systems in accordance with DISA and NIST requirements * Experience in administering and hardening network components such as routers, switches, firewalls, virtual private network (VPN) appliances, and intrusion detection systems (IDS) in accordance with DISA and NIST requirements * Experience using Vulnerability Assessment tools Tenable/ACAS, Tenable Security Center, Tenable PVS, SCAP, Retina, STIGViewer and other tools * Experience implementing or managing HBSS EPO and McAfee AntiVirus Suites * Some experience using System Administration Tools - Active Directory, Microsoft System Center Configuration Manager (SCCM)
THIS POSITION REQUIRES AN ACTIVE DoD TOP SECRET / SCI CLEARANCE
Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled Associated topics: attack, cybersecurity, idm, information assurance, information security, information technology security, malicious, protect, security officer, violation
* The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.