Info Systems Security Officer

• Adhering to all requirements as stated in the National Industrial Security Program Operating Manual (NISPOM, 32 CFR 117) and the Defense Counter-Intelligence and Security Agency (DCSA) Assessment and Authorization Process Manual (DAAPM)
• Additional duties may include installation of software and hardware, patch management, troubleshooting operational problems (computer hardware & software), user management (creating/deletion of accounts, resetting passwords), user indoctrination/training (briefing users, making presentations), compliance testing, clearing/sanitizing memory/media, researching computer system/peripheral specifications, preparing security documentation (reports, security plans, system profiles, etc.), vulnerability testing/assessment, maintenance of area access control lists and signage, inspection of secure areas, update of anti-virus software, backup of data and configuration settings, system maintenance, research/use of audit reduction and other security tools, development/improvement of documented security processes/procedures and helping to maintain up-to-date content of the company’s internal web pages for information systems security.
• Assisting the ISSM in the effective implementation, assessment, and management of the Information Assurance and support of the SRC Security Program
• Reporting security issues to the Facility Security Officer (FSO) and the Insider Threat Program Senior Official as applicable
• Assisting in establishing, documenting, and monitoring the IS security program, System Security Plans (SSP), security education, awareness, and training activities for facility management, IS personnel, users, and others, as appropriate
• Assisting ISSM to coordinate IS security program with other facility security programs, to include cooperation and support to other SRC facility ISSM’s and ISSO’s
• Preparing and implementing security documentation, and monitoring the IS Security Program and related procedures to ensures facility compliance with requirements for IS.
• Identifying and documenting unique local threats & vulnerabilities; making recommendation to risk management status and reporting threat indicators into the Insider Threat process
• Ensuring that periodic self-inspections of the facility’s IS Program and accredited systems are conducted as part of the overall facility self-inspection program and that corrective action is taken for all identified findings and vulnerabilities. Self-inspections are to ensure that the accredited system is operating as accredited and that accreditation conditions have not changed
• Developing and implementing Incident Response plans, vulnerability assessments, and maintenance procedures.
• Designating and managing the training, certification and oversight responsibilities of assigned ISSO’s as applicable

#LI-DH1

• This will be an on-site position
• US Citizenship AND a current security clearance at the Secret level
• Minimum two-year technical degree and two or more years work related experience or an equivalent combination of education and experience
• Must possess or be willing to obtain Security + and/or other equivalent and applicable certifications supporting DoD Directive 8570. (i.e. CASP, CISM, CISSP)
• Experience with or have worked as one or more of the following: Information Systems Security Manager (ISSM), Information System Security Officer (ISSO), Linux administrator (Linux +), Windows administrator (all OS(s) including legacy systems), Systems Administrator, Information System Auditor, Data Security Analyst, Network Control Technician

• Industrial Security Program experience
• Security + and/or CISSP
• Minimum of 1 year Linux system administration experience
• 2 years’ experience as ISSO
• Four-year degree in Computer Engineering, Computer Science, or Information Assurance/Security or related fields
• Experience with ICD 503, NIST 800
• Project Management and Leadership
• Excellent written and verbal communication skills
• College Level Certification in related field
• Familiarity with EMASS

SRC IS A CONTRACTOR FOR THE U.S. GOVERNMENT, THIS POSITION WILL REQUIRE U.S. CITIZENSHIP AS WELL AS, A U.S. GOVERNMENT SECURITY CLEARANCE AT THE SECRET LEVEL WITH TOP SECRET ELIGIBILITY

• Some travel required (less than 10%)

Scientific Research Corporation is an advanced information technology and engineering company that provides innovative products and services to government and private industry, as well as independent institutions. At the core of our capabilities is a seasoned team of highly skilled engineers and scientists with multidisciplinary backgrounds. This team is challenged daily to provide cutting edge technology solutions to our clients.

SRC offers a generous benefit package, including medical, dental, and vision plans, 401(k) with a company match, life insurance, vacation and sick paid time off accruals starting at 10 days of vacation and 5 days of sick leave annually, 11 paid holidays, tuition reimbursement, and a work environment that encourages excellence and more. For positions requiring a security clearance, selected applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information.

Scientific Research Corporation is an equal opportunity employer that does not discriminate in employment. All qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, age, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other protected characteristic under federal, state or local law.

Scientific Research Corporation endeavors to make www.scires.com accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact jobs@scires.com for assistance. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.