Cybersecurity Engineer Job at Top Secret Clearance Jobs in Colorado Springs
Top Secret Clearance Jobs, Colorado Springs, CO, United States, 80509
About the job Cybersecurity Engineer
Top Secret Clearance Jobs is dedicated to helping those with the most exclusive security clearance find their next career opportunity and get interviews within 48 hours.
Estimated Starting Salary Range: USD $87,150.00/Yr. - USD $161,800.00/Yr.. Salary to be determined by the education, experience, knowledge, skills, and abilities of the applicant, internal equity, and alignment with market data. SRC offers a generous benefit package, including medical, dental, and vision plans, 401(k) with a company match, life insurance, vacation and sick paid time off accruals starting at 10 days of vacation and 5 days of sick leave annually, 11 paid holidays, tuition reimbursement, and more.
About UsScientific Research Corporation is an advanced information technology and engineering company that provides innovative products and services to government and private industry, as well as independent institutions. At the core of our capabilities is a seasoned team of highly skilled engineers and scientists with multidisciplinary backgrounds. This team is challenged daily to provide cutting edge technology solutions to our clients.
Scientific Research Corporation offers a competitive salary, an extensive benefits package and a work environment that encourages excellence. For positions requiring a security clearance, selected applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information.
Requirements
- 1-2 years combined cybersecurity experience holding one or more of the following roles: ISSE, ISSO, and/or Security Control Assessor (SCA)
- 2+ years of experience working with Windows and/or Red Hat Enterprise Linux (RHEL) systems administration
- Bachelors degree (Cybersecurity, Engineering, Computer Science, or related IT fields)
- Active DoD 8570 Level II Certification (e.g. Security+ CE, CCNA Security, etc.)
- Skilled in the use of Enterprise Mission Assurance Support Service (eMASS)
- Knowledgeable with Supply Chain Cyber Risk Management (SCRM)
- Knowledge of cybersecurity principles and DoD requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)
- Knowledge of IT security principles and methods (e.g., firewalls, demilitarized zones, encryption, zero trust)
- Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code)
- Evaluates information systems for compliance with Defense Information Security Agency (DISA) Security Technical Implementation Guideline (STIG) and review measures needed to bring systems into compliance
- Conducts Assured Compliance Assessment Solution (ACAS) scans for STIG compliance checks
- Reviews Information Assurance Vulnerability Alerts (IAVA) for applicability and impact to N-NC
- Develops and/or updates the Plan of Action and Milestones (POA&M) to document all known vulnerabilities to correct or mitigate risks
- Analyzes changes affecting the organization's Authorization to Connect (ATC) risk level and cybersecurity posture and report findings
- Ensures that security design & distribution actions are evaluated, validated, and implemented as required
- Ensures that cybersecurity requirements are integrated into the continuity planning for that system and/or organization(s)
- Evaluates development efforts to ensure that baseline security safeguards are planned for and appropriately installed
- Identifies alternative information security strategies to address organizational security objectives of cyber taskings
- Assists the command ISSM in preparing, distributing, and maintaining plans, instructions, guidance, and standard operating procedures concerning the security of network system(s) operations and cybersecurity practices
- Reviews and recommends policy standards and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies
- Develops, updates, and/or reviews ATO, IATT, ATC documentation to include, but not limited to, Security Plans, Implementation Plans, Test Plans, Test Results (ACAS, STIGs, etc.), POA&M, and Security Assessment Reports (SAR)
- Assesses system compliance against NIST and DoD security requirements to include the NIST 800-53 controls, and DISA Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs)
- Coordinates with other system SMEs to identify and develop authorization boundary diagrams, architecture diagrams, and hardware and software inventories
EEOScientific Research Corporation is an equal opportunity and affirmative action employer that does not discriminate in employment.
All qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, age, sexual orientation, gender identity, or national origin, disability or protected veteran status.
Scientific Research Corporation endeavors to make www.scires.com accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact jobs@scires.com for assistance. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.