Cyber Security Engineer

Location US-CA-San Diego
ID 2024-9727
Category
Cyber Security
Position Type
Regular Full-Time

Salary Statement

Min: USD $96,600.00/Yr., Mid: USD $128,750.00/Yr., Max: USD $160,850.00/Yr.

About Us

Scientific Research Corporation is an advanced information technology and engineering company that provides innovative products and services to government and private industry, as well as independent institutions. At the core of our capabilities is a seasoned team of highly skilled engineers and scientists with multidisciplinary backgrounds. This team is challenged daily to provide cutting edge technology solutions to our clients.

 

SRC offers a generous benefit package, including medical, dental, and vision plans, 401(k) with a company match, life insurance, vacation and sick paid time off accruals starting at 10 days of vacation and 5 days of sick leave annually, 11 paid holidays, tuition reimbursement, and a work environment that encourages excellence and more. For positions requiring a security clearance, selected applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information.

Requirements

  • In-depth knowledge of NIST and FIPS security controls, DoD STIGs, IAVM tracking and CNSS standards as well as experience with performing security reviews for federal IT systems and experience with vulnerability scanning tools such as ACAS
  • 2+ years of experience in applying Cyber Security principles in Cloud environments, such as AWS and Azure
  • Experience working with two or more of the following development components: GIT, Fortify, SonarQube, Chef, Docker, Podman, OpenShift, Kubernetes, OKTA, and F5 APM
  • 2+ years of experience with DoD security implementation (e.g. STIG)
  • 2+ years of experience implementing security tools including HBSS & ACAS
  • 1+ year of experience utilizing scanning tools such as Tenable Nessus and Security Content Automation Protocol (SCAP)
  • 2+ years experience with Linux infrastructure (Linux+ or LPI certs desired)
  • 1+ years experience with SELinux, troubleshooting and monitoring logs
  • Experience installing and troubleshooting Microsoft Defender for Endpoint (MDE)
  • Security+, IAT2 level (CASP+ or CISSP preferred)
  • Experience administering servers, backup operations, and systems monitoring in multiple and complex network server environments
  • Experience running SSC LANT Security Center scans

Desired Skills

  • Associates or Bachelors degree in cyber security or info systems desired
  • Ability to work and advise multiple cross-domain teams, manage conflict, and communicate both very technically and to a layman
  • 1 year of experience with DEVSECOPS Principles
  • Familiarity with managing, monitoring and troubleshooting Linux infrastructure and networks
  • System administration experience in Red Hat Enterprise Linux (RHEL) or VMware products (e.g. vSphere Client, vROPS Manager)
  • Experience managing/administering web server architecture including Apache Tomcat on a RHEL O/S
  • Experience with Data Center migrations, server upgrades, O/S and firmware patching
  • Experience with web technologies such as HTML4/5, XML, SOAP and SOAPUI
  • Experience with middleware technologies Java runtime, and/or .NET runtime
  • Experience using configuration management systems such as GIT, Apache SVN, or AWS CodeCommit
  • Experience with network analysis software such as SD Elements, Splunk, Sniffer, Wireshark, or Microsoft Network Monitor
  • Experience with EMASS and RMF lifecycle
  • Self-starter that requires minimal direction and supervision; is open to new ideas, and is a creative and flexible individual who is comfortable working in a large, dynamic, and complex organization
  • Strong verbal and written communication skills, ability to thrive in a diverse, fast-changing environment
  • Experience being part of an Agile or Extreme Programming development team
  • ACAS training certificate strongly desired

Description

  • Applying DoD Security Technical Implementation Guide (STIG) to secure clients and servers
  • Applying SELinux, F5, and MDE on software pipeline applications and provides recommendations as necessary for mitigations or risk reports
  • Providing cyber engineering recommendations to comply with ACAS and CeDAR findings and executing mitigations when required
  • Managing security assessments of systems and system components using industry standard automated vulnerability scanning tools; vulnerability scanning tools may include Tenable Nessus and Security Content Automation Protocol (SCAP)
  • Performing daily system monitoring, verifying the integrity and availability of all hardware, Linux and Windows server resources, systems and key processes, reviewing system and application logs, and verifying completion of scheduled jobs such as backups
  • Applying standard industry best practices to evaluate, design, and upgrade enterprise and desktop technologies and configurations; performing virtualization, storage, and server management; and managing backups at various classification levels
  • Utilizing knowledge of DoD 8500 Series Policies (DoDD 8500.1, DoDI 8500.2, DoD 8500.01, DoDI 8510.01 (RMF), CNSSI 4009, CNSS 1253, and NIST Special Publication (SP) 800-53
  • Installing, modifying and maintaining systems, network elements and utility software on virtualized servers
  • Performing scheduled network tasks, updating anti-virus definition files, monitoring network servers, and providing internet and intranet user support
  • Maintaining current knowledge of relevant technologies, performing technology research/evaluation
  • Building trust with customers and fostering collaborative environment for team members and stakeholders

[#LI-JC1]

Clearance Information

SRC IS A CONTRACTOR FOR THE U.S. GOVERNMENT, THIS POSITION WILL REQUIRE U.S. CITIZENSHIP AS WELL AS, A U.S. GOVERNMENT SECURITY CLEARANCE AT THE SECRET LEVEL WITH TOP SECRET / SCI ELIGIBILITY

 

Travel Requirements

  • No travel required

Diversity & Inclusion

We strongly believe in the abundance of differences among individuals. We value different points of view and appreciate diverse perspectives. We truly believe this is what makes our organization inclusive and more responsive to the needs of our diverse customers.

EEO

Scientific Research Corporation is an equal opportunity and affirmative action employer that does not discriminate in employment.

 

All qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, age, sexual orientation, gender identity, or national origin, disability or protected veteran status.

 

Scientific Research Corporation endeavors to make www.scires.com accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact jobs@scires.com for assistance. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.

 

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.