Cybersecurity RMF Engineer II

Company: Scientific Research
Location: North Charleston
Posted on: March 17, 2023

Job Description:

PRIMARY DUTIES & RESPONSIBILITIES: * Verifies configuration management and tracks security update implementation to the systems using existing automated tools * Adheres to pre-defined configuration management and change management policies and procedures for authorizing software prior to its implementation on systems * Ensures systems are operated, used, maintained, and disposed of in accordance with all applicable security policies and practices * Performs cybersecurity testing, analysis, and reporting by conducting the following: Assured Compliance Assessment Solution (ACAS) scans, Security Technical Implementation Guide (STIG) checks, port scanning, application code review, Risk Management Framework (RMF) control review, and Plan of Action and Milestone (POA&M) creation. * Provides in depth analysis on cybersecurity test results, remediation steps, and potential mitigating factor(s) * Supports the Information System Security Manager (ISSM) and Cybersecurity lead in meeting all RMF documentation, process, policy, risk assessment, testing, and continuous monitoring requirements per the NIST SP-800 series. * Provides RMF support for all future and/or new Assessment and Authorization (A&A) efforts. * Collaborates with the IPT Lead, PM, Developers, Engineers, and Test teams through guidance and options on how to meet all technical and policy security-control requirements. * Maintains security reporting compliance requirements outlined in the System SLCM Strategy MINIMUM SKILLS & REQUIREMENTS: * A minimum of two to five years of cybersecurity experience * Must currently hold a DoD 8570-compliant IAT II certification (SSCP or Security+CE with appropriate CE/OS certificate) or be able to obtain within six months. CE/OS certificate may include Windows or Linux * Experience with eMASS, SSPs, POA&Ms, ACAS/Nessus, SCAP, SCC Tool, Benchmarks, and STIG Viewer * Experience with Risk Management Framework processes * Have developed communication skills and the ability to express thoughts and ideas clearly and concisely * Must be capable of multitasking and working several complex and diverse tasks with simultaneous or near simultaneous deadlines * Be a self-starter who is accountable and requires minimal direction and supervision * Be open to new and innovative ideas * Be a team player willing to interface with client(s) and relay information back to team DESIRED SKILLS & REQUIREMENTS: * Experience in a RHEL environment is preferred * Experience with Networking Devices * Experience with DevSecOps * Experience with automation tools (Ansible, Puppet, Chef) preferred * NQV II or III preferred SRC IS A CONTRACTOR FOR THE U.S. GOVERNMENT, THIS POSITION WILL REQUIRE U.S. CITIZENSHIP AS WELL AS, A U.S. GOVERNMENT SECURITY CLEARANCE AT THE SECRET LEVEL WITH TOP SECRET ELIGIBILITY ABOUT US Scientific Research Corporation is an advanced information technology and engineering company that provides innovative products and services to government and private industry, as well as independent institutions. At the core of our capabilities is a seasoned team of highly skilled engineers and scientists with multidisciplinary backgrounds. This team is challenged daily to provide cutting edge technology solutions to our clients. Scientific Research Corporation offers a competitive salary, an extensive benefits package and a work environment that encourages excellence. For positions requiring a security clearance, selected applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information. DIVERSITY & INCLUSION We strongly believe in the abundance of differences among individuals. We value different points of view and appreciate diverse perspectives. We truly believe this is what makes our organization inclusive and more responsive to the needs of our diverse customers. EQUAL OPPORTUNITY EMPLOYER Scientific Research Corporation is an equal opportunity and affirmative action employer that does not discriminate in employment. All qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, age, sexual orientation, gender identity, or national origin, disability or protected veteran status. Scientific Research Corporation endeavors to make www.scires.com accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact srchr@scires.com for assistance. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. Covid 19 SRC does not currently require COVID-19 vaccinations for its employees. Pending the outcome of various court proceedings and resultant government action, SRC and all other Federal Contractor employees may be required, at some point in the future, to be fully vaccinated subject to accommodations for valid medical or religious reasons. Please visit https://www.saferfederalworkforce.gov/contractors/ to read more about the Federal Government's current position on COVID-19 vaccines for Federal Contractor employees. [#CJ #LI-JC1 ]

Keywords: Scientific Research, Charleston , Cybersecurity RMF Engineer II, Other , North Charleston, South Carolina