Logo
Mercer Engineering Research Center

Mercer Engineering Research Center is hiring: Cybersecurity Specialist in Warner

Mercer Engineering Research Center, Warner Robins, GA, United States, 31099

Save Job

Join to apply for the Cybersecurity Specialist role at Mercer Engineering Research Center.

The Cybersecurity Specialist supports or performs cybersecurity operations for enterprise-based information technology (enclave, systems, or networks), platform-based information technology (systems or aircraft), and/or software development activities. The Cybersecurity Specialist may perform evaluations (compliance audits and/or a vulnerability assessments) and is involved in the establishment of strict program control processes to ensure risk mitigation and adherence to national, state, and local laws, and/or MERC policy. May work independently or as an Information System Security Officer (ISSO) under the direction of the Cyber Technical Lead, more senior cybersecurity personnel, and/or the Information System Security Manager (ISSM).

Responsibilities

  • Sustain network/information system security through testing, analysis, and application of policy and controls.
  • Obtain certification and accreditation of systems, to include process support, analysis support, coordination support, security certification test support, security documentation support, investigations, software research, hardware introduction and release, emerging technology research inspections, and periodic audits.
  • Conduct threat and risk analysis and analyze the business impact of new and existing systems and technologies to eliminate risk, performance, and capacity issues.
  • Implement vulnerability assessments and configuration audits of operational systems, web servers, and databases to detect patterns, insecure features, and malicious activities in the infrastructure.
  • Analyze, investigate, test, evaluate, and deploy security technology and procedures.
  • Run diagnostics on any changes to data to verify any undetected breaches.
  • Develop custom systems for specialized security features and procedures for software systems, networks, data centers, and hardware.
  • Develop and implement information security standards, guidelines, and procedures.
  • Observe, evaluate, and document security certification testing.
  • Develop, review, and evaluate system security plans, system security authorization agreements, systems and networks diagrams, security requirements traceability matrices, risk assessments, and associated information system authorization and accreditation documents.
  • Perform security incident evidence gathering and evaluations.
  • Perform incident remediation, review, and analysis.
  • Apply Security Technical Implementation Guides (STIGs).
  • Implement government policy (e.g., NISPOM, DCID 6/3) and make process tailoring recommendations.
  • Review static/dynamic analysis results and remediate.
  • Conduct counteractive protocols and report incidents.
  • Customize risk ratings for vulnerabilities based on company policies and maintain IT security controls documentation.
  • Use OWASP testing methodology, dynamic and static application security testing, re-engineering, automation, ASP.NET/JAVA, IDS/IPS systems, Burp Suite, Nmap, and Metasploit.
  • Participate in Technical Interchange Meetings with customers.
  • Adhere to approved MERC MSP quality management policies and principles, and promote continuous quality improvement.
  • Ensure familiarity with MERC core capabilities and with the MERC current and potential customer base, and remain alert for any problem or opportunity that might lead to additional business for any MERC core business area.
  • Submit suggestions for new business opportunities or report identified customer problems or opportunities to the Director of Acquisition Strategy through a Chief Engineer.

Required Qualifications

  • Ability to obtain and maintain a DoD Security Clearance.
  • An undergraduate degree in Cybersecurity, Computer Engineering, Computer Science, Computer Forensics, Information Assurance, or related information security focused degree from an ABET-accredited institution and 2 years of relevant experience; or a master’s degree in same and 1 year of relevant experience; or a PhD degree in same.
  • Proficient/expert in one of the following areas, competent in two areas, and novice/beginner in the remaining areas: software security, system administration, security testing, information assurance, design, implementation, validation, and compliance.
  • Certifications: CompTIA Security+ CE

Desired Qualifications

  • Certified Information Security Professional

Seniority level

  • Associate

Employment type

  • Full-time

Job function

  • Information Technology

Industries

  • Airlines and Aviation and Defense and Space Manufacturing
#J-18808-Ljbffr