Cyber Range Information Systems Security Officer (ISSO)

Supporting A&A processes (Assessment & Authorization) by developing artifacts, implementing policies, assessing security controls, and ensuring compliance with Federal, DoD, and Intelligence Community (IC) standards
• Monitoring and assessing cybersecurity posture by conducting regular vulnerability and compliance assessments, reviewing system security configurations, and coordinating responses to potential threats and incidents
• Assisting in the implementation of security solutions, including firewalls, IDS/IPS, and endpoint protection software, and assist with their configuration and testing
• Conducting risk assessments and assisting in identifying and mitigating cybersecurity risks based on system vulnerabilities, potential threats, and overall risk exposure
• Tracking and managing security risks through a Plan of Action and Milestones (POA&M), ensuring corrective actions are applied, documented, and closed within established timelines
• Assisting in incident response activities, including analyzing security incidents, escalating as needed, and performing root cause analysis for systemic vulnerabilities
• Collaborating with the Government's security team to ensure security controls are implemented and continuously updated to address new and emerging threats
• Maintaining and updating documentation for system security policies, standards, and procedures related to cybersecurity
• Providing support for security audits, risk assessments, and continuous monitoring activities
• Supporting the creation and execution of incident response plans, ensuring that mitigation strategies are in place and that security incidents are handled swiftly and efficiently

#LI-DH1

• Bachelor's or master's degree in information systems, Cybersecurity, or related field, or equivalent combination of education and experience
• Minimum of 5-8 years of direct experience in cybersecurity, with at least 3 years of hands-on experience in an ISSO or security role, preferably with DoD or government entities
• Current Top-Secret clearance with SCI eligibility or ability to obtain SCI clearance
• Demonstrated experience with cybersecurity principles and risk management frameworks (RMF, NIST, etc.)
• Comprehensive knowledge in key cybersecurity areas including incident response, security control implementation, risk analysis, and system assessments
• Ability to plan, assess, and implement security controls, monitor system security, and track issues to resolution
• Experience working with and supporting cybersecurity governance and regulatory compliance requirements
• Strong ability to communicate security issues, risks, and mitigations to stakeholders at various levels (technical and non-technical)
• Team-oriented with leadership potential to guide and mentor junior staff as needed
• Proficient in using security tools such as SIEM, vulnerability scanners, security technical implementation guide (STIG) and risk management systems

• Certifications:
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified in Risk and Information Systems Control (CRISC)
• Offensive Security Certified Professional (OSCP)
• Additional DoD security certifications (e.g., IAM, IEM)
• Extensive DoD experience and knowledge of DoD Cybersecurity policies and frameworks
• Experience working in Sensitive Compartmented Information (SCI) environments
• Knowledge of vulnerability management and compliance tools and their integration into risk mitigation strategies

SRC IS A CONTRACTOR FOR THE U.S. GOVERNMENT, THIS POSITION WILL REQUIRE U.S. CITIZENSHIP AS WELL AS, A U.S. GOVERNMENT SECURITY CLEARANCE AT THE TOP SECRET LEVEL WITH SCI ELIGIBILITY

• Minimal (<10%)

Scientific Research Corporation is an advanced information technology and engineering company that provides innovative products and services to government and private industry, as well as independent institutions. At the core of our capabilities is a seasoned team of highly skilled engineers and scientists with multidisciplinary backgrounds. This team is challenged daily to provide cutting edge technology solutions to our clients.

SRC offers a generous benefit package, including medical, dental, and vision plans, 401(k) with a company match, life insurance, vacation and sick paid time off accruals starting at 10 days of vacation and 5 days of sick leave annually, 11 paid holidays, tuition reimbursement, and a work environment that encourages excellence and more. For positions requiring a security clearance, selected applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information.

Scientific Research Corporation is an equal opportunity employer that does not discriminate in employment.

All qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, age, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other protected characteristic under federal, state or local law.

Scientific Research Corporation endeavors to make www.scires.com accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact jobs@scires.com for assistance. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.