Cybersecurity Engineer
Location
US-CO-Colorado Springs
ID
2024-8887
Category
Cyber Security
Position Type
Regular Full-Time
Salary Statement
Estimated Starting Salary Range: USD $87,150.00/Yr. - USD
$161,800.00/Yr.. Salary to be determined by the education,
experience, knowledge, skills, and abilities of the applicant,
internal equity, and alignment with market data. SRC offers a generous
benefit package, including medical, dental, and vision plans,
401(k) with a company match, life insurance, vacation and sick paid
time off accruals starting at 10 days of vacation and 5 days of sick leave
annually, 11 paid holidays, tuition reimbursement, and more.
About Us
Scientific Research Corporation is an advanced information technology and
engineering company that provides innovative products and services to
government and private industry, as well as independent institutions. At the
core of our capabilities is a seasoned team of highly skilled engineers and
scientists with multidisciplinary backgrounds. This team is challenged daily
to provide cutting edge technology solutions to our clients.
Scientific Research Corporation offers a competitive salary, an extensive
benefits package and a work environment that encourages excellence. For
positions requiring a security clearance, selected applicants will be
subject to a government security investigation and must meet eligibility
requirements for access to classified information.
Requirements
1-2 years combined cybersecurity experience holding one or more of the
following roles: ISSE, ISSO, and/or Security Control Assessor (SCA)
2+ years of experience working with Windows and/or Red Hat Enterprise
Linux (RHEL) systems administration
Bachelors degree (Cybersecurity, Engineering, Computer Science, or
related IT fields)
Active DoD 8570 Level II Certification (e.g. Security+ CE, CCNA
Security, etc.)
Desired Skills
Skilled in the use of Enterprise Mission Assurance Support Service (eMASS)
Knowledgeable with Supply Chain Cyber Risk Management (SCRM)
Knowledge of cybersecurity principles and DoD requirements (relevant to
confidentiality, integrity, availability, authentication, non-repudiation)
Knowledge of IT security principles and methods (e.g., firewalls,
demilitarized zones, encryption, zero trust)
Knowledge of system and application security threats and vulnerabilities
(e.g., buffer overflow, mobile code, cross-site scripting,
Procedural Language/Structured Query Language [PL/SQL] and
injections, race conditions, covert channel, replay, return-oriented
attacks, m
Description
Scientific Research Corporation (SRC) is an advanced information
technology engineering company that provides innovative products and services
to government and private industry, as well as independent institutions. At
the core of our capabilities is a seasoned team of highly skilled engineers
and scientists with multidisciplinary backgrounds. This team is challenged
daily to provide cutting edge technology solutions to our clients. SRC is
searching for a well-rounded Cybersecurity Engineer to test, analyze,
evaluate, validate, and verify cybersecurity requirements for North
American Aerospace Defense Command (NORAD) and United States Northern
Command (USNORTHCOM) systems. These systems consist of an on-premises
Nutanix Hyper-Converged Private Cloud utilizing VMware ESXi Hypervisor and
associated products, with future migration to Nutanix's native Hypervisor.
The Private Cloud hosts NORAD and USNORTHCOM Mission Applications and Web
Services including the Situational Awareness Geospatial Enterprise (SAGE)
and Air Event Information Sharing Service (A/EISS) applications, as
well as the Global Command and Control System-Joint (GCCS-J) Program of
Record (PoR) Systems and Information Technology (IT) infrastructure
including Red Hat Enterprise Linux (RHEL) servers. Sustainment of NORAD
and USNORTHCOM systems will be conducted at the government's facilities in
Colo
Evaluates information systems for compliance with Defense Information Security
Agency (DISA) Security Technical Implementation Guideline (STIG) and
review measures needed to bring systems into compliance
Conducts Assured Compliance Assessment Solution (ACAS) scans for STIG
compliance checks
Reviews Information Assurance Vulnerability Alerts (IAVA) for
applicability and impact to N-NC
Develops and/or updates the Plan of Action and Milestones (POA&M) to
document all known vulnerabilities to correct or mitigate risks
Analyzes changes affecting the organization's Authorization to Connect
(ATC) risk level and cybersecurity posture and report findings
Ensures that security design & distribution actions are evaluated,
validated, and implemented as required
Ensures that cybersecurity requirements are integrated into the continuity
planning for that system and/or organization(s)
S:SKGEO
