We are seeking a Cybersecurity Analyst/Information Systems Security Officer (ISSO) to join our IA team in supporting SRI's Menlo Park, CA facility. The successful candidate will provide oversight, policy, and procedure development, and related functions in compliance with NISPOM, RMF and ICD 503. As part of the IA Team, the position is responsible for operating, managing, and implementing security requirements both technical and administrative on classified systems.
- Developing and maintaining C&A packages for classified information systems.
- Preparing and analyzing test results for development into a POA&M.
- Providing information security support and technical security guidance in all phases of the system life cycle.
- Performing software patch installation, antivirus updates, and conducting security self-reviews.
- Ensuring configuration management (CM) for security-relevant software, hardware, and firmware is maintained and documented.
- Perform evaluation and obtain DAO authorization for new software, hardware, and firmware use before implementation on the system.
- Identifying security vulnerabilities and providing guidance on mitigating risk.
- Initiating, with the approval of the ISSM, protective or corrective measures when a security incident or vulnerability is discovered.
- Ensuring that system recovery processes are monitored to ensure that security features and procedures are properly restored.
- Representing IA in security, project, and technical exchange meetings.
- Perform system administration tasks to include desktop/server support, and network administration functions
- Must be available for occasional afterhours assistance. Limited travel within the continental United States will be required.
- Bachelor's degree or equivalent preferred. Combination of related industrial security experience will be considered.
- Possession of DoD 8570 certification, and completion of appropriate USG-sponsored (DOD, DNI, etc.) ISSO/ISSM training courses.
- Minimum of 3 years of C&A experience directly related to the NISPOM, RMF and ICD503 accreditation processes and 2 years in system administration/desktop support.
- Knowledge of RMF and ICD 503 practices required.
- A working knowledge of COMSEC equipment to include handling keying material and troubleshooting encryption devices.
- This position requires U.S. Citizenship and must have an active Top Secret security clearance and pass ICD704 eligibility.
- May require successful completion of a government administered polygraph test.
- Must have the ability to conduct validation testing using automated assessment tools.
- Must possess excellent communication, organizational and customer service skills.
- Experience in the use of both Linux and Windows Operating systems, in physical and virtual environments.
- Technical knowledge of computer and network hardware and software systems.
- Specialized knowledge in areas such as security training and awareness, computer forensic investigations, systems security administration, data recovery and network security control, design and implementation, as well as facility and physical security requirements.
- Lifting (max 40 lbs.) occasionally required. Must be able to manipulate hand tools.
When applying, please note that you saw the job posted on the NOVA Job Board. If you need help with your resumé, please see a NOVA Career Advisor.