Cyber Security Engineer – Scientific Research Corporation – Quantico, VA
Note: We may earn a commission from products or services when you click on a link and make a purchase.
Primary Duties & Responsibilities
- Achieve favorable A&A decisions from USMC/ Marine Corps Cyberspace Operations Group (MCCOG) stakeholders under RMF and using MCCAST
- Provide Cybersecurity oversight to ensure systems are developed and implemented using applicable advanced cyber defense solutions and protects & defends against infiltrations of exfiltration, and assures that the system is built to specification and is deployed successfully
- Provide network security expertise to ensure the safe and compliant operation of highly complex and highly secure data/communications network environments
- Perform in-depth network security analysis, and conduct preliminary incident response, event analysis, and threat intelligence
- Review security events that could be a detriment to the organization’s overall security stance
- Use RMF knowledge & expertise to perform all steps of the A&A process from control selection to continuous monitoring using USMC MCCAST tool
- Parse security information derived from ACAS scans and STIG check outputs to develop security artifacts to support A&A package submission and favorable authorization decision
- Use STIGviewer to manipulate .cvs files to efficiently develop A&A artifacts & documentation
- Support SRR (Security Readiness Review) and IV&V (Independent Verification and Validation) events, working with USMC Validator to describe & defend the security posture of the IT system under test
- develop all documents necessary to achieve favorable Navy and/or USMC authorization decisions for ATO and/or Test
- Lead program efforts to develop and execute system Security Plans & Security Assessment Reports
- Develop Visio diagrams reflecting architecture and accreditation boundary for accreditation purposes
- Develop and maintain the Plan of Actions and Milestones (POAM)
- Marine Corps Cyberspace Operations GroupDevelop & execute system logging procedures that meet DoD requirements
- Analyze, evaluate and report on system threats, vulnerabilities and risks, and plan and implement solutions that comply with DoD, DoN and USMC requirements
- IAVA/B management: Determine applicability of patches, test, and apply OS patches and CPUs
- Be able to interact well with customers and communicate technical information to a non-technical audience
- Be available for minimal travel as necessary
Need Security Training? Certifications at Your Own Pace
- IBM Cybersecurity Analyst Professional CertificateIntroduction to Cybersecurity Tools & Cyber Attacks by IBM
- Generative Adversarial Networks (GANs) Specialization from DeepLearning.AI
- Agile Leadership Specialization from the University of Colorado
- International Cyber Conflicts from the State University of New York (SUNY)
- IT Fundamentals for Cybersecurity Specialization by IBM
- Google Cloud Security Professional Certificate from Google Cloud
- Google Cloud Networking Professional Certificate from Google Cloud
- Introduction to Blockchain Specialization from Association of International Certified Professional Accountants
Minimum Skills & Requirements
- Demonstrated ability to achieve and maintain favorable Navy/USMC Authorization decisions under Risk Management Framework (RMF)
- Working knowledge of NIST (specifically including 800-53), FISMA and DISA security guidance
- Experience establishing baseline security controls based on NIST guidance
- Ability to apply Security Technical Implementation Guides hardware and software, and use Tenable’s security suite specifically including ACAS.
- Have a working knowledge of eMASS and Marine Corps Compliance and Authorization Support Tool (MCCAST) systems for Assessment and Authorization (A&A).
- Ability to communicate Cybersecurity requirements to network, systems and F5 WAF engineers ensure IT systems are designed and properly configured to meet all applicable DoD guidance to be granted and Authority To Operate (ATO)
- Must maintain Security+, CISSP or other qualifying security and OS certifications to comply with DoD 8570/8140
SRC IS A CONTRACTOR FOR THE U.S. GOVERNMENT, THIS POSITION WILL REQUIRE U.S. CITIZENSHIP AS WELL AS, A U.S. GOVERNMENT SECURITY CLEARANCE AT THE SECRET LEVEL
Scientific Research Corporation is an advanced information technology and engineering company that provides innovative products and services to government and private industry, as well as independent institutions. At the core of our capabilities is a seasoned team of highly skilled engineers and scientists with multidisciplinary backgrounds. This team is challenged daily to provide cutting-edge technology solutions to our clients.
Scientific Research Corporation offers a competitive salary, an extensive benefits package, and a work environment that encourages excellence. For positions requiring a security clearance, selected applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information.
Scientific Research Corporation is an equal opportunity and affirmative action employer that does not discriminate in employment.
All qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, age, sexual orientation, gender identity, or national origin, disability, or protected veteran status.
Scientific Research Corporation endeavors to make www.scires.com accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact [email protected] for assistance. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.