Cyber Security Analyst

SRC is searching for a wellrounded MidLevel Cybersecurity Engineer test analyze evaluate validate and verify cybersecurity requirements for Information Technology (IT) systems to support the installation requirements for United States Space Command (USSPACECOM) command and control facilities. Work supporting USSPACECOM will be conducted at the governments facilities in Colorado Springs CO. Duties & Responsibilities include:

• Evaluate information systems for compliance with Defense Information Security Agency (DISA) Security Technical Implementation Guideline (STIG) and review measures needed to bring systems into compliance.
• Conduct Assured Compliance Assessment Solution (ACAS) scans for STIG compliance checks.
• Review Information Assurance Vulnerability Alerts (IAVA) for applicability and impact to NNC.
• Develop and/or update the Plan of Action and Milestones (POA&M) to document all known vulnerabilities to correct or mitigate risks.
• Analyze changes affecting the organizations Authorization to Connect (ATC) risk level and cybersecurity posture and report findings
• Ensure that security design & distribution actions are evaluated validated and implemented as required.
• Ensure that cybersecurity requirements are integrated into the continuity planning for that system and/or organization(s)
• Evaluate development efforts to ensure that baseline security safeguards are planned for and appropriately installed
• Identify alternative information security strategies to address organizational security objectives of cyber taskings
• Assist the command ISSM in preparing distributing and maintaining plans instructions guidance and standard operating procedures concerning the security of network system(s) operations and cybersecurity practices
• Review & recommend policy standards and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies.
• Develop update and/or review ATO IATT ATC documentation to include but not limited to Security Plans Implementation Plans Test Plans Test Results (ACAS STIGs etc. POA&M and Security Assessment Reports (SAR)
• Assess system compliance against NIST and DoD security requirements to include the NIST 80053 controls and DISA Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs)
• Coordinate with other system SMEs to identify and develop authorization boundary diagrams architecture diagrams and hardware and software inventories.

#LILH1

FILLING THIS POSITION IS CONTINGENT UPON FUNDING

• 12 years combined cybersecurity experience holding one or more of the following roles: ISSO Cybersecurity Analysts and/or Systems/Network Administrator.
• 2 years of experience working with Windows and/or Linux systems administration.
• Bachelors Degree (e.g. Cybersecurity Engineering Computer Science or related IT fields) and Active DoD 8570 Level II Certification (e.g. Security CE CCNA etc.

• Skilled in the use of Enterprise Mission Assurance Support Service (eMASS)
• Knowledgeable with Supply Chain Cyber Risk Management (SCRM)
• Knowledge of cybersecurity principles and DoD requirements (relevant to confidentiality integrity availability authentication nonrepudiation)
• Knowledge of IT security principles and methods (e.g. firewalls demilitarized zones encryption zero trust)
• Knowledge of system and application security threats and vulnerabilities (e.g. buffer overflow mobile code crosssite scripting Procedural Language/Structured Query Language PL/SQL and injections race conditions covert channel replay returnoriented attacks malicious code)

SRC IS A CONTRACTOR FOR THE U.S. GOVERNMENT. THIS POSITION WILL REQUIRE U.S. CITIZENSHIP AS WELL AS A U.S. GOVERNMENT SECURITY CLEARANCE AT THE TOP SECRET / SCI LEVEL

no

Scientific Research Corporation is an advanced information technology and engineering company that provides innovative products and services to government and private industry as well as independent institutions. At the core of our capabilities is a seasoned team of highly skilled engineers and scientists with multidisciplinary backgrounds. This team is challenged daily to provide cutting edge technology solutions to our clients.

SRC offers a generous benefit package including medical dental and vision plans 401(k) with a company match life insurance vacation and sick paid time off accruals starting at 10 days of vacation and 5 days of sick leave annually 11 paid holidays tuition reimbursement and a work environment that encourages excellence and more. For positions requiring a security clearance selected applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information.

We strongly believe in the abundance of differences among individuals. We value different points of view and appreciate diverse perspectives. We truly believe this is what makes our organization inclusive and more responsive to the needs of our diverse customers.

Scientific Research Corporation is an equal opportunity and affirmative action employer that does not discriminate in employment.

All qualified applicants will receive consideration for employment without regard to their race color religion sex age sexual orientation gender identity or national origin disability or protected veteran status.
Scientific Research Corporation endeavors to make www.scires accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process please contact for assistance. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.