Cyber Security Analyst

SRC is searching for a well-rounded Mid-Level Cybersecurity Engineer to test, analyze, evaluate, validate, and verify cybersecurity requirements for Information Technology (IT) systems in support of the installation requirements for the United States Space Command (USSPACECOM) Command and Control Facilities (C2F). Work supporting USSPACECOM will be conducted at the government's facilities in Colorado Springs, CO. Duties & Responsibilities include:

Evaluate information systems for compliance with Defense Information Security Agency (DISA) Security Technical Implementation Guideline (STIG), Security Requirements Guides (SRGs), and other applicable security measures needed to bring IS' into compliance
• Conduct Nessus Tenable scans (ACAS) for STIG compliance checks and RMF package progression/completion
• Review Information Assurance Vulnerability Alerts (IAVA) for applicability and impact to USSPACECOM systems
• Develop and/or update Plans of Action and Milestones (POA&Ms) to document all known vulnerabilities to correct or mitigate risks
• Analyze changes affecting the organization's accreditation efforts to ensure risk level and cybersecurity posture are socialized to applicable RMF action officers.
• Ensure that security, design & distribution actions are evaluated, validated, and implemented as required
• Ensuring that cybersecurity requirements are integrated into the continuity planning for that system and/or organization(s)
• Evaluating development efforts to ensure that baseline security safeguards are planned for and appropriately installed
• Identifying alternative information security strategies to address organizational security objectives of cyber taskings
• Assisting the Command-ISSM (C-ISSM) in preparing, distributing, and maintaining plans, instructions, guidance, and standard operating procedures concerning the security of network system(s) operations and cybersecurity practices
• Reviewing & recommending policy standards and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies
• Developing, updating, and/or reviewing RMF Accreditation documentation to include, but not limited to, Security Plans, Implementation Plans, Test Plans, Test Results (ACAS, STIGs, etc.), POA&M, and Security Assessment Reports (SAR)
• Assessing system compliance against NIST and DoD security requirements to include the NIST 800-53 controls, and DISA Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs)
• Coordinating with other system SMEs to identify and develop authorization boundary diagrams, architecture diagrams, and hardware and software inventories

#LI-LH1

• 1-2 years combined cybersecurity experience holding one or more of the following roles: ISSO, Cybersecurity Analysts, and/or Systems/Network Administrator.
• 5+ years of experience working with Windows and/or Linux systems administration.
• Bachelor's Degree (e.g. Cybersecurity, Engineering, Computer Science, or related IT fields) and Active DoD 8570 Level II Certification (e.g. Security+ CE, CCNA, etc.)

• 5+ years of eMASS and/or XACTA experience
• Skilled in the use of Enterprise Mission Assurance Support Service (eMASS) and XACTA
• Knowledge of cybersecurity principles and DoD requirements (relevant to CIA SCRM/C-SCRM. RMF, AAA, etc.)
• Knowledge of IT security principles and methods (e.g., firewalls, demilitarized zones, encryption, zero trust)
• Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code)

SRC IS A CONTRACTOR FOR THE U.S. GOVERNMENT. THIS POSITION WILL REQUIRE U.S. CITIZENSHIP AS WELL AS A U.S. GOVERNMENT SECURITY CLEARANCE AT THE TOP SECRET / SCI LEVEL

• No Travel Required

Scientific Research Corporation is an advanced information technology and engineering company that provides innovative products and services to government and private industry, as well as independent institutions. At the core of our capabilities is a seasoned team of highly skilled engineers and scientists with multidisciplinary backgrounds. This team is challenged daily to provide cutting edge technology solutions to our clients.

SRC offers a generous benefit package, including medical, dental, and vision plans, 401(k) with a company match, life insurance, vacation and sick paid time off accruals starting at 10 days of vacation and 5 days of sick leave annually, 11 paid holidays, tuition reimbursement, and a work environment that encourages excellence and more. For positions requiring a security clearance, selected applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information.

Scientific Research Corporation is an equal opportunity employer that does not discriminate in employment.

All qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, age, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other protected characteristic under federal, state or local law.

Scientific Research Corporation endeavors to make www.scires.com accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact jobs@scires.com for assistance. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.