Information Systems Security Officer

Description

Working collaboratively with the Information Systems Security Manager (ISSM), this role plays a critical part in safeguarding our organization's valuable information assets. This includes actively evaluating, implementing, and monitoring a comprehensive range of security measures designed to protect our information systems, networks, and sensitive data. As a key contributor, you will play an integral role in shaping and implementing the team's overall security. This involves ensuring adherence to industry best practices, established security standards, and all relevant organizational policies.

• Conducting monthly security compliance assessments utilizing tools like ACAS, CS2 audit files, SCAP, and McAfee VirusScan Enterprise. Documenting, analyzing, and maintaining all assessment findings
• Assisting in the Risk Management Framework (RMF) authorization process, including the development and maintenance of artifacts for the Information System (IS) Body of Evidence (BoE)
• Supporting the execution of regular vulnerability assessments and penetration tests
• Ensuring system operation, use, maintenance, and disposal align with all applicable security policies and practices
• Verifying and maintaining system patches and virus definitions using automated tools
• Monitoring and analyzing system logs (audit trails) to detect and investigate security events
• Reporting security incidents according to the established Command Incident Response Plan
• Performing Configuration Management (CM) tasks, ensuring all hardware, software, and security-related functions are documented and maintained
• Adhering to pre-defined configuration and change management policies and procedures, particularly when authorizing new software for implementation on systems
• Assisting in developing and enforcing security policies and procedures to mitigate identified risks and maintain compliance
• Contributing to the implementation and maintenance of security controls such as firewalls and intrusion detection systems
• Assisting in Information Assurance (IA) activities for systems handling sensitive national security information
• Serving as a certified Trusted Agent, providing recommendations to the Designated Authorizing Official (DAO) regarding system authorization

#LI-AM1

Requirements

• Active Secret clearance with the ability to obtain and maintain a Top Secret/Sensitive Compartmented Information (TS/SCI) clearance.
• Bachelor's Degree in Information Technology, Information Assurance, Cybersecurity, or a related field.
• 4-6 years of relevant experience in information security, cybersecurity, or a related field.
• Demonstrated knowledge of the Risk Management Framework (RMF) and its practical application throughout the System Development Life Cycle (SDLC).
• Proficiency in Linux operating systems, networking devices, and virtualization technologies (e.g., VMware ESXi).
• Experience with web server security and cloud security platforms (e.g., AWS, Azure).
• Understanding of DevSecOps principles and best practices.
• Familiarity with common communication protocols, encryption techniques, and SQL databases.
• Excellent written and verbal communication skills, with the ability to effectively communicate technical information to both technical and non-technical audiences.
• Strong organizational skills, attention to detail, and the ability to work independently and as part of a team.
• Highly motivated, proactive, and adaptable to changing priorities and operational needs.
• CompTIA Security+ certification

Desired Skills

Clearance Information

SRC IS A CONTRACTOR FOR THE U.S. GOVERNMENT, THIS POSITION WILL REQUIRE U.S. CITIZENSHIP AS WELL AS, A U.S. GOVERNMENT SECURITY CLEARANCE AT THE SECRET LEVEL WITH TOP SECRET / SCI ELIGIBILITY

Travel Requirements

• Minimal travel within the continental US may be required (up to 10%)

About Us

Scientific Research Corporation is an advanced information technology and engineering company that provides innovative products and services to government and private industry, as well as independent institutions. At the core of our capabilities is a seasoned team of highly skilled engineers and scientists with multidisciplinary backgrounds. This team is challenged daily to provide cutting edge technology solutions to our clients.

SRC offers a generous benefit package, including medical, dental, and vision plans, 401(k) with a company match, life insurance, vacation and sick paid time off accruals starting at 10 days of vacation and 5 days of sick leave annually, 11 paid holidays, tuition reimbursement, and a work environment that encourages excellence and more. For positions requiring a security clearance, selected applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information.

Diversity & Inclusion

We strongly believe in the abundance of differences among individuals. We value different points of view and appreciate diverse perspectives. We truly believe this is what makes our organization inclusive and more responsive to the needs of our diverse customers.

EEO

Scientific Research Corporation is an equal opportunity and affirmative action employer that does not discriminate in employment.

All qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, age, sexual orientation, gender identity, or national origin, disability or protected veteran status.Scientific Research Corporation endeavors to make www.scires.com accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact jobs@scires.com for assistance. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.