SIGN IN
Cyber Security Analyst- ISSE jobs in United States
cer-icon
Apply on Employer Site
company-logo

Scientific Research Corporation · 20 hours ago

Cyber Security Analyst- ISSE

positionChantilly, VA, US
timeFull-time
remoteOnsite
seniorityEntry, Mid Level
date2+ years exp
Scientific Research Corporation is an advanced information technology and engineering company that provides innovative products and services to government and private industry. They are seeking a Cyber Security Analyst to develop and update assessment documentation, perform ongoing compliance assessments, and ensure systems are maintained according to security policies.
Biotechnology
check
Growth OpportunitiesbadNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Developing and updating assessment and authorization documentation (Body of Evidence) for management and continuous monitoring of information systems
Performing ongoing compliance assessments using tools, such as Assured Compliance Assessment Solution (ACAS), Secure Content Automation Protocol (SCAP), and McAfee Virus Scan Enterprise, while reviewing, documenting, and maintaining all results
Verifying patches and virus definitions to the systems using existing automated tools
Adhering to pre-defined configuration management and change management policies and procedures for authorizing software prior to its implementation on systems
Performing security audits to track multiple events including any signs of inappropriate or unusual activity, intrusion events, data transfers, etc
Performing security assessments of NCS Family of Systems in accordance with NIST, Navy, NSA and NAVINTEL IA guidance
Working with system engineers to take corrective action to resolve identified problems
Performing Site Based Security Assessments (SBSAs) of systems and recommending authorization to the Designated Authorizing Official (DAO) as a certified trusted agent
Reporting security incidents in accordance with the command incident response plan
Ensuring systems are operated, used, maintained, and disposed of in accordance with all applicable security policies and practices

Qualification

Risk Management Framework (RMF)Cybersecurity experienceScripting languagesContainer technologiesData flow diagramsSecurity auditsConfiguration managementWeb servers knowledgeSQL databases configurationWindowsUNIX standardsCommunication skillsTeam playerSelf-starter

Required

Must possess an active Top Secret/SCI clearance w/CI Poly (or willing to sit for CI Poly)
Must be able to be appointed ISSE for NCS systems within 6-months of employment
Experience in validation of POA&Ms, ACAC/Nessus, Jfrog Xray, SCAP, DISA STIGs and general RMF artifacts
Experience in applying STIG and security control hardening along with reverse engineering potential systematic operational functionality breaks with potential compensating risk management approaches
2-5 years of cybersecurity experience
Experience with Risk Management Framework (RMF) processes
Have developed communication skills and the ability to express thoughts and ideas clearly and concisely
Must be a team player, dedicated to program support, capable of multitasking and working several complex and diverse tasks with simultaneous or near simultaneous deadlines
Be a self-starter who is accountable and requires minimal direction and supervision
Be open to new and innovative ideas
Proficiency in a scripting language such as JavaScript, PHP, Python, Bash, Powershell, etc
Proven experience with container technologies (e.g., Docker, Podmon, Kubernettes)
Familiarity with the CI/CD tools such as BitBucket, Jenkins, SonarQube, Artifactory, and JFrog Xray
Experience developing custom automation scripts, specifically within a containerized CI/CD pipeline
Experience with Amazon EKS or other container orchestration platforms
Knowledge of data flows and the ability to work up readable network topology and data flow diagrams
Experience with the following systems/platforms/tools: XACTA, XACTA 360 (preferred), eMASS, HBSS, ACAS, Nessus, SPLUNK
Experience with NAVINTEL IA and NSA Enterprise Services, like Continuous Monitoring
Knowledge of the following web servers: Apache Web Server, Apache Tomcat, Red Hat JBOSS, nginx, MS IIS
Knowledge of VMWare ESXi
Knowledge of configuration of the following SQL databases: MS SQL, PostgreSQL, MongoDB, MariaDB, MySQL, Elasticsearch
Extensive training or experience with Windows and UNIX based Information Systems standards with a working knowledge of networking devices

Benefits

Medical, dental, and vision plans
401(k) with a company match
Life insurance
Vacation and sick paid time off accruals starting at 10 days of vacation and 5 days of sick leave annually
11 paid holidays
Tuition reimbursement

Company

Scientific Research Corporation

twittertwitter
Glassdoor4.5
company-logo
Scientific Research Corporation provides innovative solutions to the U.S. government, private industry, and international markets.
dateFounded in 1988
location
Atlanta, Georgia, USA
people-size1001-5000 employees
web-link
http://www.scires.com

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Tim W.
Chief Operating Officer
linkedin
leader-logo
Dolores Vogel
Learning and Development Business Partner
linkedin
Company data provided by crunchbase