Sr Cyber Security Engineer
Sr Cyber Security Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Salary Statement
Description
SRC is searching for a wellrounded MidLevel Cybersecurity Engineer test analyze evaluate validate and verify cybersecurity requirements for these systems to support the installation requirements for United States Space Command (USSPACECOM) command and control facilities. Work supporting USSPACECOM will be conducted at the governments facilities in Colorado Springs CO. Duties & Responsibilities include:
- Provides risk management and IT security servicesInformation Assurance (IA) support and RMF Assessment & Authorization (A&A)
- Serves as a technical liaison between senior management technical experts/engineers and other stakeholders for Cybersecurity to facilitate: Plans of Action and Milestones (POA&M) maintenance and milestone tracking (mitigation statements) creation of diagrams software and hardware lists POA&Ms Risk Assessment Reports (RARs) Special Publication (SP) System Security Plan (SSP) Ports Protocols and Services Management (PPSM) and A&A packages
- Manages RMF accreditation process from cradle to grave. Develops RMF package(s) for legacy and modernized IT architecture pursuant to Authorizations to Operate (ATO) for designated DoD systems. Leads RMF transition from DoD Information Assurance Certification and Accreditation Process (DIACAP). Develops and maintains RMF documentation: Implementation Plans POA&Ms and RARs in order to obtain and maintain
- Manages Information Assurance Vulnerability Management (IAVM) program. Ensures compliance with DoD issuances USCYBERCOM tasking orders (TASKORDs) IA Vulnerability Alerts (IAVAs) and DISA Security Requirements Guides (SRGs) and Security Technical Implementation Guides (STIGs).
- Ensures computing environment is postured to minimize vulnerabilities and risk against cyber threats (e.g. malware viruses)validates system security settings risk monitoring IA controls and countermeasures are in accordance with DoD standards
- Validates IA control requirements based on Committee on National Security Systems Instruction (CNSSI) 1253 / National Institute of Standards and Technology (NIST) 80053 and USSPACECOM policy & documentation.
- Performs RARs vulnerability assessments analyzes/interprets results from Assured Compliance Assessment Solution (ACAS) Scans Security Content Automation Protocol (SCAP) scans
- Collaborates with engineers and developers to create or modify authorization boundary diagrams as well as hardware and software lists
- Conducting vulnerability assessments of information systems and mitigate/remediate the results
- Build trust with customers and foster a focus on Cybersecurity with team members/stakeholders
FILLING THIS POSITION IS CONTINGENT UPON FUNDING
#LILH1
Requirements
- 5 years combined cybersecurity experience holding one or more of the following roles: ISSE ISSO and/or Security Control Assessor Representative (SCAR).
- Minimum of 5 years of ITrelated experience demonstrating competency with 1 attention to detail 2 customer service 3 oral communication and 4 problem solving.
- Bachelors Degree (e.g. Cybersecurity Engineering Computer Science or related IT fields) and Active DoD 8570 Level II Certification (e.g. Security CE CCNA etc.
Desired Skills
- Knowledgeable with demonstrated cybersecurity experience in Risk Management Framework (RMF) including the following DoDI 8500 series NIST SP 800 series CNSSI and FIPS series
- Experience with ACAS SCAP and DISA STIGs/SRGs
- Assessment & Authorization (A&A)
- Policy Development
- Knowledgeable with Facility Related Control Systems (FRCS)/Industrial Control System (ICS) Compliance
- Skilled in the use of Enterprise Mission Assurance Support Service (eMASS) and/or XACTA
- Knowledgeable with Supply Chain Cyber Risk Management (SCRM)
- Skilled in compliance reporting with known vulnerabilities from alerts advisories errata and bulletins
- Skilled in network security architecture concepts including topology protocols components and principles with focus on producing deliverables in accordance with PPSM registration requirements and RMF processes
- Skilled in discerning the protection needs of information systems and networks with focus on identifying tailoring implementing and testing RMF security controls with practical mitigation statements
- Knowledge of current industry methods for evaluating implementing and disseminating in IT security assessment monitoring detection and remediation tools and procedures
- Knowledge of cybersecurity principles and DoD requirements (relevant to confidentiality integrity availability authentication nonrepudiation)
- Knowledge of IT security principles and methods (e.g. firewalls demilitarized zones encryption zero trust)
- Knowledge of system and application security threats and vulnerabilities (e.g. buffer overflow mobile code crosssite scripting Procedural Language/Structured Query Language PL/SQL and injections race conditions covert channel replay returnoriented attacks malicious code)
Clearance Information
SRC IS A CONTRACTOR FOR THE U.S. GOVERNMENT. THIS POSITION WILL REQUIRE U.S. CITIZENSHIP AS WELL AS A U.S. GOVERNMENT SECURITY CLEARANCE AT THE TOP SECRET / SCI LEVEL
Travel Requirements
no
About Us
Scientific Research Corporation is an advanced information technology and engineering company that provides innovative products and services to government and private industry as well as independent institutions. At the core of our capabilities is a seasoned team of highly skilled engineers and scientists with multidisciplinary backgrounds. This team is challenged daily to provide cutting edge technology solutions to our clients.
SRC offers a generous benefit package including medical dental and vision plans 401(k) with a company match life insurance vacation and sick paid time off accruals starting at 10 days of vacation and 5 days of sick leave annually 11 paid holidays tuition reimbursement and a work environment that encourages excellence and more. For positions requiring a security clearance selected applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information.
Diversity & Inclusion
We strongly believe in the abundance of differences among individuals. We value different points of view and appreciate diverse perspectives. We truly believe this is what makes our organization inclusive and more responsive to the needs of our diverse customers.
EEO
Scientific Research Corporation is an equal opportunity and affirmative action employer that does not discriminate in employment.
All qualified applicants will receive consideration for employment without regard to their race color religion sex age sexual orientation gender identity or national origin disability or protected veteran status.
Scientific Research Corporation endeavors to make www.scires accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process please contact for assistance. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.
Required Experience:
Senior IC
Employment Type
Full-Time
