Cyber Security Analyst / ISSO jobs in United States
cer-icon
Apply on Employer Site
company-logo

Scientific Research Corporation ยท 12 hours ago

Cyber Security Analyst / ISSO

positionWashington, DC
timeFull-time
remoteOnsite
senioritySenior Level
money$157,400/d - $262,300/d
date5+ years exp

Scientific Research Corporation is an advanced information technology and engineering company providing innovative products and services to government and private industry. The Cyber Security Analyst / Information System Security Officer (ISSO) will support the Defense Intelligence Agency (DIA) by conducting security assessments, continuous monitoring, and configuration management responsibilities for various information systems.

Biotechnology
check
Growth OpportunitiesbadNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Developing and updating assessment and authorization documentation (Body of Evidence) for management and continuous monitoring of information systems
Performing ongoing compliance assessments using tools, such as Assured Compliance Assessment Solution (ACAS), Secure Content Automation Protocol (SCAP), and Trellis Virus Scan Enterprise reviewing, documenting, and maintaining all results
Verifying patches and virus definitions to the systems using existing automated tools
Adhering to pre-defined configuration management and change management policies and procedures for authorizing software prior to its implementation on systems
Performing security audits using to track multiple events including any signs of inappropriate or unusual activity, intrusion events, data transfers, etc
Performing security assessments of DoD Family of Systems in accordance with National Institute of Standards and Technology (NIST), Navy, and NAVINTEL IA guidance, working with system engineers to take corrective action to resolve identified problems
Becoming a NAVINTEL IA ICOP Trusted Agent within 6-months
Performing Site Based Security Assessments (SBSAs) of systems and recommending authorization to the Designated Authorizing Official (DAO) as a certified Trusted Agent
Reporting security incidents in accordance with the Command Incident Response Plan
Ensuring systems are operated, used, maintained, and disposed of in accordance with all applicable security policies and practices

Qualification

Cybersecurity experienceDoD 8570-compliant certificationRisk Management FrameworkZero Trust EnvironmentISSO functions for containersSystem Security Plans (SSPs)Windows/Linux knowledgeContainer SecuritySQL databases configurationWeb Servers knowledgeNAVINTEL IA Enterprise ServicesHBSSACAS/NessusSPLUNKCommunication skillsTeam playerSelf-starter

Required

Must possess an active Top Secret, SCI eligible clearance
Ability to obtain CI Poly clearance
5 years of cybersecurity experience
Must currently hold a DoD 8570-compliant IAT II certification (SSCP or Security+CE with appropriate CE/OS certificate), and IAM II certification (CAP or CASP CE) or be able to obtain within six months, CE/OS certificate may include Windows or Linux
Experience with System Security Plans (SSPs), eMASS and/or Xacta, POA&Ms, ACAS/Nessus, SCAP, and DISA STIGs
Experience with Risk Management Framework processes
Experience working within a Zero Trust (ZT) Environment
Experience conducting ISSO functions for containers and Virtual Machines (VMs)
Have developed communication skills and the ability to express thoughts and ideas clearly and concisely
Must be a team player, dedicated to program support, capable of multitasking and working several complex and diverse tasks with simultaneous or near simultaneous deadlines
Be a self-starter who is accountable and requires minimal direction and supervision
Be open to new and innovative ideas
Must be able to be appointed ISSO for NCS systems within 6-months of employment

Preferred

Bachelor's degree in relative technical discipline
Active TS/SCI with CI Poly
Extensive training or experience with Windows based Information Systems standards with a working knowledge of networking devices
Knowledge of Container Security and best practices securing containerized applications
Knowledge of configuration of various SQL databases: MS SQL, PostgreSQL, MongoDB, MariaDB, MySQL, Elasticsearch
Knowledge of Web Servers: Apache Web Server, Apache Tomcat, Red Hat JBOSS, nginx, MS IIS
Knowledge of data flows and the ability to work up readable network topology and data flow diagrams
Experience with NAVINTEL IA Enterprise Services (Continuous Monitoring)
Experience with the following systems/platforms/tools: HBSS, ACAS/Nessus, and SPLUNK

Benefits

Medical, dental, and vision plans
401(k) with a company match
Life insurance
Vacation and sick paid time off accruals starting at 10 days of vacation and 5 days of sick leave annually
11 paid holidays
Tuition reimbursement

Company

Scientific Research Corporation

twittertwitter
Glassdoor4.5
company-logo
Scientific Research Corporation provides innovative solutions to the U.S. government, private industry, and international markets.
dateFounded in 1988
location
Atlanta, Georgia, USA
people-size1001-5000 employees
web-link
http://www.scires.com

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Tim W.
Chief Operating Officer
linkedin
leader-logo
Dolores Vogel
Learning and Development Business Partner
linkedin
Company data provided by crunchbase