Cyber Sec Analyst - ISSO

The SRC Navy Cryptologic Systems (NCS) Directorate supports a number of US Navy Programs, including the Cryptologic Carry-On Program (CCOP), Ships' Signals Exploitation Equipment (SSEE) Program, and Distributed Common Ground System -- Navy (DCGS-N). We specialize in engineering support, software development, integration, testing, technical writing, Cybersecurity (administration, policy and engineering), production, technical support, warehousing, drafting, repair and management.
As an NCS Information Systems Security Officer (ISSO), this position is responsible for supporting the information system owner to complete security assessment, continuous monitoring, and configuration management responsibilities of NCS. Responsibilities include, but are not limited to:

• Performing monthly compliance assessments using tools, such as Assured Compliance Assessment Solution (ACAS), Collaborative Computing Security Services (CS2) audit files, Secure Content Automation Protocol (SCAP), and McAfee Virus Scan Enterprise, reviewing, documenting, and maintaining all results
• Verifying patches and virus definitions to the systems using existing automated tools
• Adhering to pre-defined configuration management and change management policies and procedures for
  authorizing software prior to its implementation on systems
• Ensuring that audit trails (system logs) are reviewed as required. Audit records will be maintained for future reference
• Assessing NCS family of systems in accordance with NIST, NSA and NAVINTEL IA guidance
• Recommending authorization of systems to the Designated Authorizing Official (DAO) as a certified
  trusted agent
• Reporting security incidents in accordance with the command's incident response plan
• Ensuring systems are operated, used, maintained, and disposed of in accordance with all applicable security policies and practices

#LI-LL1

• Must possess an active Top Secret clearance
• A minimum of five (5) years' of cybersecurity experience
• Must currently hold a DoD 8570-compliant IAT II certification (SSCP or Security+CE with appropriate
  CE/OS certificate), and IAM II certification (CAP or CASP CE) or be able to obtain within six months. CE/OS certificate may include Windows or Linux
• Experience creating complete ATO packages using Risk Management Framework process
• Experience with eMASS, SSPs, POA&Ms, VRAM, ACAS/Nessus, XACTA, SCAP, SCC Tool, Benchmarks, and
  STIG Viewer
• Successfully complete a NCIS Polygraph within 1 year of employment
• Have developed communication skills and the ability to express thoughts and ideas clearly and concisely
• Must be a team player, dedicated to program support, capable of multitasking and working several
  complex and diverse tasks with simultaneous or near simultaneous deadlines
• Be a self-starter who is accountable and requires minimal direction and supervision
• Be open to new and innovative ideas
• Must be able to be appointed ISSO for NCS systems within 6-months of employment

• Bachelor's degree in information systems, computer science, or similar
• AWS Certified Cloud Practitioner
• Ability to create and modify authorization boundary and data flow diagrams using Microsoft Visio
• Knowledge of container security, ability to assess container hardening per NIST 800-190, experience assessing container hosting environments, and knowledge of container and code analysis tools such as JFrog Xray, Trivy, and SonarQube
• Knowledge of GovCloud, Navy Cloud policies and DISA Cloud Computing Security Requirements Guide
• Experience in a Linux environment is preferred
• Experience with WSUS, YUM

SRC IS A CONTRACTOR FOR THE U.S. GOVERNMENT. THIS POSITION WILL REQUIRE U.S. CITIZENSHIP AS WELL AS A U.S. GOVERNMENT SECURITY CLEARANCE AT THE TOP SECRET / SCI LEVEL with CI POLY ELIGIBILITY

• Minimal travel may be required

Scientific Research Corporation is an advanced information technology and engineering company that provides innovative products and services to government and private industry, as well as independent institutions. At the core of our capabilities is a seasoned team of highly skilled engineers and scientists with multidisciplinary backgrounds. This team is challenged daily to provide cutting edge technology solutions to our clients.

SRC offers a generous benefit package, including medical, dental, and vision plans, 401(k) with a company match, life insurance, vacation and sick paid time off accruals starting at 10 days of vacation and 5 days of sick leave annually, 11 paid holidays, tuition reimbursement, and a work environment that encourages excellence and more. For positions requiring a security clearance, selected applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information.

Scientific Research Corporation is an equal opportunity employer that does not discriminate in employment.

All qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, age, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other protected characteristic under federal, state or local law.

Scientific Research Corporation endeavors to make www.scires.com accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact jobs@scires.com for assistance. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.