Cyber Sec Analyst III/ISSO

---

Job description

About Us:
Scientific Research Corporation is an advanced information technology and engineering company that provides innovative products and services to government and private industry, as well as independent institutions. At the core of our capabilities is a seasoned team of highly skilled engineers and scientists with multidisciplinary backgrounds. This team is challenged daily to provide cutting edge technology solutions to our clients.

Scientific Research Corporation offers a competitive salary, an extensive benefits package and a work environment that encourages excellence. For positions requiring a security clearance, selected applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information.

Requirements:
Must possess an active Top Secret/SCI clearance

5-8 years of Cybersecurity experience

Must currently hold a DoD 8570-compliant IAT II certification (SSCP or Security+CE with appropriate CE/OS certificate), and IAM II certification (CAP or CASP CE) or be able to obtain within six months. CE/OS certificate may include Windows or Linux

Experience with System Security Plans (SSPs), POA&Ms, ACAS/Nessus, SCAP, and DISA STIGs

Experience with Risk Management Framework processes

Have developed communication skills and the ability to express thoughts and ideas clearly and concisely

Must be a team player, dedicated to program support, capable of multitasking and working several complex and diverse tasks with simultaneous or near simultaneous deadlines

Be a self-starter who is accountable and requires minimal direction and supervision

Be open to new and innovative ideas

Must be able to be appointed ISSO for NCS systems within 6-months of employment

Desired Skills:
Extensive training or experience with Windows and UNIX based Information Systems standards with a working knowledge of networking devices

Knowledge of configuration of various SQL databases: MS SQL, PostgreSQL, MongoDB, MariaDB, MySQL, Elasticsearch

Knowledge of Web Servers: Apache Web Server, Apache Tomcat, Red Hat JBOSS, nginx, MS IIS

Knowledge of VMWare ESXi

Knowledge of Software Application and Container Security

Knowledge of data flows and the ability to work up readable network topology and data flow diagrams

Experience with NAVINTEL IA and NSA Enterprise Services: Continuous Monitoring

Experience with the following systems/platforms/tools: XACTA; HBSS; ACAS; Nessus; SPLUNK

Description:
The SRC Navy Cryptologic Systems (NCS) Directorate supports a number of US Navy Programs, including the Cryptologic Carry-On Program (CCOP), Ships Signals Exploitation Equipment (SSEE) Program, and Distributed Common Ground System - Navy (DCGS-N). We specialize in engineering support, software development, integration, testing, technical writing, Cybersecurity (administration, policy and engineering), production, technical support, warehousing, drafting, repair and management.

As an NCS Information Systems Security Officer (ISSO), this position is responsible for supporting the Information System Owner to complete security assessment, continuous monitoring, and configuration management responsibilities of NCS.

Responsibilities include, but are not limited to:

Developing and updating assessment and authorization documentation (Body of Evidence) for management and continuous monitoring of information systems

Performing ongoing compliance assessments using tools, such as Assured Compliance Assessment Solution (ACAS), Secure Content Automation Protocol (SCAP), and McAfee Virus Scan Enterprise, Review, document, and maintain all results

Verifying patches and virus definitions to the systems using existing automated tools

Adhering to pre-defined configuration management and change management policies and procedures for authorizing software prior to its implementation on systems

Performing security audits using to track multiple events including any signs of inappropriate or unusual activity, intrusion events, data transfers, etc

Performing security assessments of NCS Family of Systems in accordance with NIST, Navy, NSA and NAVINTEL IA guidance. Works with system engineers to take corrective action to resolve identified problems

Performing Site Based Security Assessments (SBSAs) of systems and recommending authorization to the Designated Authorizing Official (DAO) as a certified Trusted Agent

Reporting security incidents in accordance with the Command Incident Response Plan

Ensuring systems are operated, used, maintained, and disposed of in accordance with all applicable security policies and practices

Clearance Information:
SRC IS A CONTRACTOR FOR THE U.S. GOVERNMENT, THIS POSITION WILL REQUIRE U.S. CITIZENSHIP AS WELL AS, A U.S. GOVERNMENT SECURITY CLEARANCE AT THE TOP SECRET/ SCI LEVEL

Travel Requirements:
Minimal travel maybe required

Diversity & Inclusion:
We strongly believe in the abundance of differences among individuals. We value different points of view and appreciate diverse perspectives. We truly believe this is what makes our organization inclusive and more responsive to the needs of our diverse customers.

EEO:
Scientific Research Corporation is an equal opportunity and affirmative action employer that does not discriminate in employment.

All qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, age, sexual orientation, gender identity, or national origin, disability or protected veteran status.

Scientific Research Corporation endeavors to make (url removed) accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact (url removed) for assistance. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.

<!– job description page –>