Information System Security Specialist III

San Diego, CA, United States

MINIMUM SKILLS & REQUIREMENTS:

Bachelor of Science (BS) degree in Computer Science, Cybersecurity, Cybersecurity Management and Policy, Engineering or a related field

10 years of experience on C4ISR projects with significant contributions in two or more of the following CS/IA areas: CS/IA Compliance; Software Assurance and Security Engineering; Systems Security Architecture; Systems Security Analysis; Computer Network Defense (CND) Analysis; Threat Analysis; Exploitation Analysis

Five plus (5+) years of practical experience in Cybersecurity, Security Test and Evaluation (T&E) or Assessment and Authorization (A&A)

Experience with evaluating security vulnerabilities, developing mitigation strategies, or implementing remediation activities according to RMF and Test and Evaluation (T&E) guidance

Experience with security tools and devices, including network firewalls, web proxy, intrusion prevention systems, vulnerability scanners, or penetration tools

Experience providing cyber support services (such as training services and cyber metrics collection, analysis, and presentation)

Certified Information Systems Security Professional (CISSP), CompTIA Cyber Security Analyst (CySA+) CompTIA Advanced Security Practitioner (CASP)+, Certified Secure Software Lifecycle Professional (CSSLP), Certified Information Security Manager (CISM), Certified Analytics Professional (CAP), GIAC Security Leadership Certification (GSLC) or Certified Chief Information Security Officer (CCISO)

Active TS/SCI clearance

DESIRED SKILLS & REQUIREMENTS:

Experience leading in leading and/or mentoring large CS/IA teams

Experience with the system engineering life cycle, including requirements, design, development, integration, testing, and deployment

Experience in assessing, analyzing, and providing recommendations to include CND, High Assurance, and Information Systems Security Engineering (ISSE) for critical CS/IA capabilities covering Navy General Service (GENSER) National Security System (NSS) and Defense Business System (DBS) including non- traditional IS, combat weapons systems, shipboard aviation systems, HM&E, ICS/NCS and SCADA

Experience with CSTA standards and Defense-in-Depth Functional Implementation Architecture (DFIA) / Defense-in-Depth Functional Implementation Architecture Network Transformation (DFIANT) implementation/development

SRC IS A CONTRACTOR FOR THE U.S. GOVERNMENT. THIS POSITION WILL REQUIRE U.S. CITIZENSHIP AS WELL AS A U.S. GOVERNMENT SECURITY CLEARANCE AT THE TOP SECRET / SCI LEVEL.

ABOUT US

Scientific Research Corporation is an advanced information technology and engineering company that provides innovative products and services to government and private industry, as well as independent institutions. At the core of our capabilities is a seasoned team of highly skilled engineers and scientists with multidisciplinary backgrounds. This team is challenged daily to provide cutting edge technology solutions to our clients.

Scientific Research Corporation offers a competitive salary, an extensive benefits package and a work environment that encourages excellence. For positions requiring a security clearance, selected applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information.

DIVERSITY & INCLUSION

We strongly believe in the abundance of differences among individuals. We value different points of view and appreciate diverse perspectives. We truly believe this is what makes our organization inclusive and more responsive to the needs of our diverse customers.

EQUAL OPPORTUNITY EMPLOYER

Scientific Research Corporation is an equal opportunity and affirmative action employer that does not discriminate in employment.

All qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, age, sexual orientation, gender identity, or national origin, disability or protected veteran status.

Scientific Research Corporation endeavors to make accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact for assistance. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.

[#CJ #LI-AM1]

FILLING THIS POSITION IS CONTINGENT UPON FUNDING

Scientific Research Corporation (SRC) is looking for a Senior Cybersecurity Engineer to participate in a team tasked with providing Naval Information Warfare Center (NIWC) Pacific with a broad range of cybersecurity capability- development, reviews, testing, training, threat and risk assessments, engineering process improvement and Assessment and Authorization (A&A) Services.

The task will require the Senior Cybersecurity Engineer to assist in developing, analyzing, and implementing cybersecurity technical standards, tools, processes in support of Technical Authorities and the Cybersecurity Technical Authority Board (TAB). The ideal candidate will have a broad range of Cybersecurity/Information Assurance (CS/IA) experience with Navy Command, Control, Communications, Computers, Intelligence, Surveillance and Reconnaissance (C4ISR) projects, inclusive of Cybersecurity Technical Authority (CSTA), Navy Cyber Situational Awareness (NCSA), and Risk Management Framework (RMF) up to the Top Secret/Sensitive Compartmented Information (TS/SCI) level.

This position will directly support NIWC Pacific on-site in San Diego, CA.

PRIMARY DUTIES & RESPONSIBILITIES:

Leads the RMF process (i.e., artifact development, implementation of security controls/requirements, mitigation tracking, and controls validation) necessary to lead to successful Authority to Operate (ATO) of the application

Audits security controls and provides technical direction and assistance with corrective or mitigation actions

Performs continuous monitoring tasks

Performs cybersecurity testing and analysis, to include Security Technical Implementation Guides (STIGs), Security Content Automation Process (SCAP) scans, Assured Compliance Assessment Solution (ACAS) scans, Host Based Security System (HBSS), penetration testing, and software assurance

Ensures information systems maintain accreditation and compliance with federal standards

Collaborates with engineers to address, mitigate, and resolve known vulnerabilities

Coordinates with program managers and engineers to plan authorization schedule, coordinate testing, and maintain the Plan of Action and Milestones

Makes recommendations on cybersecurity risks and mitigations in support of Integrated Product Teams (IPT) reviews, Systems Engineering Technical Reviews (SETR), Platform Technical Review Board (PTRB) reviews and Configuration Change Board (CCB)

#J-18808-Ljbffr