Information Assurance Compliance Specialist II Job at Strategic Resources Inc
About us
Strategic Resources, Inc. (SRI) is a leader in providing Information Technology support to the Department of Defense. We are an international, ISO 9001:2015 Certified, CMMI Level 3 Rated full-service provider with more than 34 years of experience in the Federal, Military, and Commercial Marketplaces. SRI is seeking a committed and knowledgeable Information Assurance Compliance Specialist to provide Cybersecurity Support Services to the Naval Surface Warfare Center, Philadelphia Division (NSWCPD) located in Philadelphia, PA. Telework may be authorized based on schedule and assigned task. Some travel is required (15%).
Overview: The NSWCPD Propulsion, Power & Auxiliary Machinery Systems Department 40 performs life cycle management services on Hull and Deck Machinery systems. This includes all aspects of cybersecurity on those systems, including development and validation of Cybersecurity, Engineering, T&E, A&A, Risk Management Framework (RMF) packages and artifacts.
Tasks & Responsibilities:
- Collects and collates system or site information and uses it to evaluate and document in Enterprise Mission Assurance Support Service (eMASS) the security posture of the cargo/weapons handling system or site being Assessed, Authorized, and maintained.
- Reviews security assessment plans, test plans, and procedures to ensure they address the correct level of effort and are sufficiently comprehensive to assess all Information Assurance (IA)
- Optimizes A&A and AO testing. Evaluates all discrepancies and recommends potential mitigation measures for reducing or eliminating specific risks.
- Conducts risk and vulnerability assessments.
- Conducts systems security reviews, audits, or evaluations, as appropriate, to ensure accreditation documents are accurate and represent the current risk posture of the system.
- Works with the Information System Owner/ISSO/System Administrators equivalent to NSWCPD’s Information System Security Officer (ISSO) to determine applicable fixes and/or mitigation for weaknesses and to determine the adequate level of residual risk.
- Performs analysis of logs, events, and reporting of various data collection tools.
- Assesses impacts from observed risks and reports via the Cybersecurity Program chain of command.
- Performs the evaluation of system administrator, security engineer, and/or system owner proposed corrections to ensure compliance and best-fit solution.
- Presents and submits data to management, develops reports, and produces procedural documentation in a comprehensive and cohesive manner.
- Performs risk management and security engineering for Research, Development, Testing, and Evaluation (RDT&E).
- Develops all required eMASS documents, to include Plan of Actions and Milestones (POA&Ms)/Risk Assessment Reports (RARs) and Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs); products shall be created in the appropriate software (i.e. Microsoft Visio, scanning software, eMASS DISA STIG Viewer, etc.).
- Determines a system’s compliance with all applicable Controls and Assessment Procedures (APs) for an assigned DoN system, including developing the appropriate test procedures, if necessary; executing the test procedures; and accurately documenting the results of security
- Maintains current vulnerability scan data and residual risk plan of actions and milestones in Vulnerability Remediation Asset Manager (VRAM).
- Tracks deliverables and action items in accordance with A&A guidance.
- Manages, attends, and supports configuration control board practices.
- Ensures RMF artifacts are in compliance with published Navy, NAVSEA Business Rules (OPNAV N2N6 and/or NAVSEA), NIST SP-800-37 and SP-800-53 Rev 4.
- Creates and verifies the accuracy of POA&Ms/RARs as identified by vulnerability actual test
- Ensures information systems are operated, used, maintained, and disposed of in accordance with security policies and practices as required by the authorization package and NSWCPD.
- Tests system to verify adequate functionality for mission or project requirements.
Required Skills, Education, Experience & Abilities:
- Bachelor’s degree from accredited University or CNSSI 4012 or 4013 or 4014 or 4015 or 4016 Certificate or NDU CISO certificate or successful completion of at least one of the following military training courses: NEC 2780 (CIN: A-531-0022) or 2779 (CIN: A-531-0009) or 2781 (CIN: A-531-0045) (or DOD Service equivalent).
- Possess at least one of the following certificates: CCNA Security; CySA+; GICSP; GSEC; Security+ CE; SSCP; ENSA
- Validated 3-5 years specialized entry-level experience in Specialty Area 61 (Information Assurance Compliance).
- As a member of the Cybersecurity Workforce, the individual will need to maintain a minimum of 40 continuing education hours per year.
- Ability to travel in CONUS and OCONUS (15%).
Security Requirements:
- Active Secret Clearance Preferred; able to obtain a Secret Clearance.
*This job posting is in response to a request for proposals from the DoD. By applying in advance of the award of the contract, SRI will be able to consider and pre-qualify applicants, should SRI be awarded the contract. This potential work is scheduled to begin in August 2023.
Job Type: Full-time
Benefits:
- 401(k)
- 401(k) matching
- Dental insurance
- Employee discount
- Flexible spending account
- Health insurance
- Health savings account
- Life insurance
- Paid time off
- Referral program
- Tuition reimbursement
- Vision insurance
Schedule:
- 8 hour shift
Ability to commute/relocate:
- Philadelphia, PA: Reliably commute or planning to relocate before starting work (Required)
Experience:
- specialized entry-level Information Assurance Compliance: 3 years (Preferred)
Work Location: In person