Cyber Sec Analyst - ISSO

Description

The SRC Navy Cryptologic Systems (NCS) Directorate supports a number of US Navy Programs, including the Cryptologic Carry-On Program (CCOP), Ships' Signals Exploitation Equipment (SSEE) Program, and Distributed Common Ground System -- Navy (DCGS-N). We specialize in engineering support, software development, integration, testing, technical writing, Cybersecurity (administration, policy and engineering), production, technical support, warehousing, drafting, repair and management.As an NCS Information Systems Security Officer (ISSO), this position is responsible for supporting the information system owner to complete security assessment, continuous monitoring, and configuration management responsibilities of NCS. Responsibilities include, but are not limited to:

• Performing monthly compliance assessments using tools, such as Assured Compliance Assessment Solution (ACAS), Collaborative Computing Security Services (CS2) audit files, Secure Content Automation Protocol (SCAP), and McAfee Virus Scan Enterprise, reviewing, documenting, and maintaining all results
• Verifying patches and virus definitions to the systems using existing automated tools
• Adhering to predefined configuration management and change management policies and procedures forauthorizing software prior to its implementation on systems
• Ensuring that audit trails (system logs) are reviewed as required; audit records will be maintained for future reference
• Assessing NCS family of systems in accordance with NIST, NSA and NAVINTEL IA guidance
• Recommending authorization of systems to the Designated Authorizing Official (DAO) as a certifiedtrusted agent
• Reporting security incidents in accordance with the command's incident response plan
• Ensuring systems are operated, used, maintained, and disposed of in accordance with all applicable security policies and practices

#LI-LL1

Requirements

• Must possess an active Top Secret clearance
• A minimum of five (5) years of cybersecurity experience
• Must currently hold a DoD 8570-compliant IAT II certification (SSCP or Security+CE with appropriateCE/OS certificate), and IAM II certification (CAP or CASP CE) or be able to obtain within six months
  • CE/OS certificate may include Windows or Linux
• Experience creating complete ATO packages using Risk Management Framework process
• Experience with eMASS, SSPs, POA&Ms, VRAM, ACAS/Nessus, XACTA, SCAP, SCC Tool, Benchmarks, andSTIG Viewer
• Successfully complete a NCIS Polygraph within one year of employment
• Developed communication skills and the ability to express thoughts and ideas clearly and concisely
• Be a team player, dedicated to program support, capable of multitasking and working severalcomplex and diverse tasks with simultaneous or near simultaneous deadlines
• Be a self-starter who is accountable and requires minimal direction and supervision
• Be open to new and innovative ideas
• Must be able to be appointed ISSO for NCS systems within six months of employment

Desired Skills

• Bachelor's degree in information systems, computer science, or similar
• AWS Certified Cloud Practitioner
• Ability to create and modify authorization boundary and data flow diagrams using Microsoft Visio
• Knowledge of container security, ability to assess container hardening per NIST 800-190, experience assessing container hosting environments, and knowledge of container and code analysis tools such as JFrog Xray, Trivy, and SonarQube
• Knowledge of GovCloud, Navy Cloud policies and DISA Cloud Computing Security Requirements Guide
• Experience in a Linux environment is preferred
• Experience with WSUS, YUM

Clearance Information

SRC IS A CONTRACTOR FOR THE U.S. GOVERNMENT. THIS POSITION WILL REQUIRE U.S. CITIZENSHIP AS WELL AS A U.S. GOVERNMENT SECURITY CLEARANCE AT THE TOP SECRET / SCI LEVEL with CI POLY ELIGIBILITY

Travel Requirements

• Up to 20% travel may be required

About Us

Scientific Research Corporation is an advanced information technology and engineering company that provides innovative products and services to government and private industry, as well as independent institutions. At the core of our capabilities is a seasoned team of highly skilled engineers and scientists with multidisciplinary backgrounds. This team is challenged daily to provide cutting edge technology solutions to our clients.

SRC offers a generous benefit package, including medical, dental, and vision plans, 401(k) with a company match, life insurance, vacation and sick paid time off accruals starting at 10 days of vacation and 5 days of sick leave annually, 11 paid holidays, tuition reimbursement, and a work environment that encourages excellence and more. For positions requiring a security clearance, selected applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information.

EEO

Scientific Research Corporation is an equal opportunity employer that does not discriminate in employment.

All qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, age, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other protected characteristic under federal, state or local law.

Scientific Research Corporation endeavors to make www.scires.com accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact jobs@scires.com for assistance. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.