Cybersecurity Analyst/Information Systems Security Officer (ISSO)

Overview

SRI is seeking a Cybersecurity Analyst/Information Systems Security Officer (ISSO) to join our IA team in supporting SRI's Menlo Park, CA facility.  The successful candidate will provide oversight, policy/procedure development, and related functions in compliance with NISPOM, 800-53, JSIG and ICD 503.  As part of the IA Team, the position is responsible for operating, managing, and implementing security requirements both technical and administrative on classified systems.

This position is located in Menlo Park, CA.

Responsibilities

• Develop and maintain C&A (RMF) packages for classified information systems.
• Prepare and analyze test results for development into a POA&M.
• Providing information security support and technical security guidance in all phases of the system life cycle.
• Perform software patch installation, antivirus updates, and conduct security self-reviews.
• Ensure configuration management (CM) for security-relevant software, hardware, and firmware is maintained and documented.
• Perform evaluation and obtain DAO authorization for new software, hardware, and firmware use before implementation on the system.
• Identify security vulnerabilities and provide guidance on mitigating risk.
• Initiate protective or corrective measures when a security incident or vulnerability is discovered.
• Ensure that system recovery processes are monitored to ensure that security features and procedures are properly restored.
• Represent IA in security, project, and technical exchange meetings.
• Perform limited system administration tasks to include desktop/server support, and network administration functions
• Must be available for occasional after-hours assistance.  Limited travel within the continental United States will be required.

Qualifications

Required Qualifications:

• Possession of DoD 8570 certification, and completion of appropriate USG-sponsored (DOD, DNI, etc.) ISSO/ISSM training courses.
• Minimum of 5 years of C&A experience directly related to the NISPOM/DAAPM, JSIG, 800-53 and ICD503 accreditation processes and 2 years in system administration/desktop support.
• Must have the ability to conduct validation testing using automated assessment tools.
• Excellent communication, organizational and customer service skills.
• Experience using and auditing of both Linux and Windows Operating systems, in physical and virtual environments.
• Lifting (max 40 lbs.) occasionally required.  Must be able to manipulate hand tools.

Desired Qualifications:

• Bachelor's degree or equivalent preferred or a combination of related information security experience will be considered.
• Working knowledge of COMSEC equipment to include handling keying material and troubleshooting encryption devices.
• Basic networking and computer hardware skills
• Ability to conduct validation testing using automated assessment tools.
• Specialized knowledge in areas such as security training and awareness, computer forensic investigations, systems security administration, data recovery and network security control, design, and implementation, as well as facility and physical security requirements.

The salary range is: $112,880-$167,910/annually. Salary ranges will vary and are based on several factors, including geographic location, market competitiveness and equity amongst internal employees in similar roles. Positions may also qualify for SRI's Pay for Outstanding Performance program or the annual Performance Based Compensation program. SRI also has a competitive benefits package, to view details please go to https://www.sri.com/resources/benefits/. SRI is an independent nonprofit research institute headquartered in Menlo Park, Calif., with a rich history of supporting government and industry. We create and deliver world-changing solutions for a safer, healthier, and more sustainable future. For more than 75 years, we have collaborated across technical and scientific disciplines to discover and develop groundbreaking products and technologies and bring innovations and ideas to the marketplace.