Information Systems Security Officer I

Scientific Research Corporation (SRC) is an advanced information technology engineering company that provides innovative products and services to government and private industry as well as independent institutions. At the core of our capabilities is a seasoned team of highly skilled engineers and scientists with multidisciplinary backgrounds. This team is challenged daily to provide cutting edge technology solutions to our clients. SRC is searching for a Junior Cybersecurity Engineer to test analyze evaluate validate and verify cybersecurity requirements for North American Aerospace Defense Command (NORAD) and United States Northern Command (USNORTHCOM) systems. These systems consist of an onpremises Nutanix HyperConverged Private Cloud utilizing VMware ESXi Hypervisor and associated products with future migration to Nutanixs native Hypervisor. The Private Cloud hosts NORAD and USNORTHCOM Mission Applications and Web Services including the Situational Awareness Geospatial Enterprise (SAGE) and Air Event Information Sharing Service (A/EISS) applications as well as the Global Command and Control SystemJoint (GCCSJ) Program of Record (PoR) Systems and Information Technology (IT) infrastructure including Red Hat Enterprise Linux (RHEL) servers. Sustainment of NORAD and USNORTHCOM systems will be conducted at the governments facilities in Colorado Springs CO. Duties & Responsibilities include:

• Performing as a DoD Information Systems Security Officer (ISSO)
• Implementing Zero Trust best practices and methodologies
• Developing updating and/or reviewing ATO IATT ATC documentation to include but not limited to Security Plans Implementation Plans Test Plans Test Results (ACAS STIGs etc. POA&M and Security Assessment Reports (SAR)
• Ensuring that security design & distribution actions are evaluated validated and implemented as required
• Ensuring that cybersecurity requirements are integrated into the architecture for that system and/or organization(s)
• Evaluating development efforts to ensure that baseline security safeguards are planned for and appropriately installed
• Identifying alternative information security strategies to address organizational security objectives of cyber taskings
• Assisting the J66 ISSM in preparing distributing and maintaining plans instructions guidance and standard operating procedures concerning the security of network system(s) operations and cybersecurity practices
• Reviewing & recommending policy standards and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies
• Developing updating and/or reviewing ATO IATT ATC documentation to include but not limited to Security Plans Implementation Plans Test Plans Test Results (ACAS STIGs etc. POA&M and Security Assessment Reports (SAR)
• Assessing system compliance against NIST and DoD security requirements to include the NIST 80053 controls and DISA Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs)
• Coordinating with other system SMEs to identify and develop authorization boundary diagrams architecture diagrams and hardware and software inventories

FILLING THIS POSITION IS CONTINGENT UPON FUNDING

#LIAM1

• 3 years combined cybersecurity experience holding one or more of the following roles: ISSO Cybersecurity Analysts and/or Systems/Network Administrator

• 2 years of experience working Risk Management Framework (RMF)/Authorization To Operate (ATO) packages either in Enterprise Mission Assurance Support Service eMASS or XACTA

• 2 years of experience working with Windows and/or Linux systems administration

• Active DoD 8140 Workforce Certification (formerly DoD 8570 Level II) (e.g. Security CE CCNA etc.

• Possess cloud certification (e.g. Certified Cloud Security Professional (CCSP) GIAC Cloud Security Essentials (GCLD) etc.

• Possess network certification (e.g. Systems Security Certified Practitioner (SSCP) GIAC Network Forensic Analyst (GNFA) etc.

• Bachelors Degree (e.g. Cybersecurity Engineering Computer Science or related IT fields)

• Experience working in DevSecOps (CI/CD) environments

• Knowledgeable with Supply Chain Cyber Risk Management (SCRM)

• Knowledge of cybersecurity principles and DoD requirements (relevant to confidentiality integrity availability authentication nonrepudiation)

• Knowledge of IT security principles and methods (e.g. firewalls demilitarized zones encryption Zero Trust)

• Experience with evaluating security vulnerabilities developing mitigation strategies or implementing remediation activities according to RMF and Test and Evaluation guidance. With a large focus on RMF steps 1 through 4

• Ability to communicate and establish collaborative relationships with government clients and associate contractor teammates to achieve program goals

SRC IS A CONTRACTOR FOR THE U.S. GOVERNMENT THIS POSITION WILL REQUIRE U.S. CITIZENSHIP AS WELL AS A U.S. GOVERNMENT SECURITY CLEARANCE AT THE TOP SECRET LEVEL WITH TOP SECRET / SCI ELIGIBILITY

• No travel required

Scientific Research Corporation is an advanced information technology and engineering company that provides innovative products and services to government and private industry as well as independent institutions. At the core of our capabilities is a seasoned team of highly skilled engineers and scientists with multidisciplinary backgrounds. This team is challenged daily to provide cutting edge technology solutions to our clients.

SRC offers a generous benefit package including medical dental and vision plans 401(k) with a company match life insurance vacation and sick paid time off accruals starting at 10 days of vacation and 5 days of sick leave annually 11 paid holidays tuition reimbursement and a work environment that encourages excellence and more. For positions requiring a security clearance selected applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information.

We strongly believe in the abundance of differences among individuals. We value different points of view and appreciate diverse perspectives. We truly believe this is what makes our organization inclusive and more responsive to the needs of our diverse customers.

Scientific Research Corporation is an equal opportunity and affirmative action employer that does not discriminate in employment.

All qualified applicants will receive consideration for employment without regard to their race color religion sex age sexual orientation gender identity or national origin disability or protected veteran status.
Scientific Research Corporation endeavors to make www.scires accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process please contact for assistance. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.