Cybersecurity Engineer / ISSO

SARA is looking for a remarkably talented, motivated, and experienced Cybersecurity Engineer for our Colorado Springs location, to support operations and security activities in Colorado Springs, CO and Cypress, CA. The candidate will have the opportunity to support, grow and learn with talented engineers, physicists, and technicians on long-standing programs and new programs supporting our customers.

The primary function of this role is to serve as a Corporate and Special Access Program (SAP) Cybersecurity Engineer. The candidate will assist the Information Systems Security Manager (ISSM) with maintaining compliance for all classified computer systems and classified networks in accordance with US Government standards (such as ICD 503, JSIG, DoD RMF, DIACAP (DAAPM 2.2), NISPOM, NIST 800 family and CNSSI 1253). The Cybersecurity Engineer will help implement and maintain classified computer systems security plans in accordance with JSIG, DCSA, and DISA STIG system profiles. This individual will be called upon to perform weekly audits, support information assurance training programs, maintain security documentation, assist in security violation investigations, and assist with other aspects of security as required. Support will be provided in a Windows and LINUX/UNIX environment.

Core Responsibilities:

• Assist the ISSM on all system certifications and accreditation tasks
• Assist the ISSM as a point of contact for Information Assurance (IA) with government and prime contractor inquiries and concerns
• Provide review of customer required security plans to include AIS, CONOPS, OPSEC, -standard practices and procedures
• Interface with program management ensuring compliance with established program security plans and customer directives
• RMF package completions, reviews, and authorization schedule management to ensure renewal of annual Authorization to Operate
• Manage RMF packages un eMASS in accordance with NISP and DAAPM 2.2 standards
• Develop and administer users' security briefings to ensure all users are aware of all SSP requirements
• Identify, evaluate, and document all AIS and other equipment ensuring compliance with red/black engineering and Emanations Security requirements
• Perform self-inspections and investigations as required by government regulations
• Assist the ISSM in customer audits and inspections
• Assist the ISSM with obtaining our corporate network Cybersecurity Maturing Model Certification (CMMC)
• Research hardware and software to be used on classified systems coordinating the use as required by customer regulations
• Analyze, interpret, and verify AIS disaster recovery/contingency plans assuring the rapid recovery of AIS in the event of an emergency or disaster
• Manage IAVM and Vulnerability Management remediation efforts on a weekly basis
• Align and coordinate patching and hardening efforts to complement production schedules
• Prepare customer reports in a timely manner
• Learn and conduct COMSEC responsibilities

Requirements:

• Bachelor’s Degree (BA/BS) in Business, Cybersecurity, Information Technology or equivalent discipline
• Related experience may be considered in lieu of required education
• 6+ years of related experience
• Strong experience with eMASS, Risk Management Framework (RMF), NIST 800-53, NIST 800-171
• Experience with various information system security assessment/hardening tools - DISA STIGs, SCAP, STIG Viewer, Nessus, SIEMs, etc.
• Strong written, spoken, analytical, and interpersonal skills
• Strong technical problem-solving skills to ensure proper continuity in classified environment ensuring security implementation meets government requirements
• Must possess or be willing to obtain DoD 8570 certification IAM Level I – II (minimum Security+)
• SECRET security clearance
• US Citizenship required
• May require moderate physical effort, involving standing, sitting and use of hands while performing duties, carrying or lifting up to 50 pounds
• Working environment is indoor, moderately quiet, reasonably clean, well-lighted and well-ventilated, moderate physical hazards may exist

Preferred Qualifications:

• Systems administration experience - Active Directory, Group Policy, Server Management