Senior Cyber Security Analyst

Scientific Research Corporation Falls Church, VA
Scientific Research Corporation is an advanced information technology engineering company that provides innovative products and services to government and private industry, as well as independent institutions. At the core of our capabilities is a seasoned team of highly skilled engineers and scientists with multidisciplinary backgrounds. This team is challenged daily to provide cutting edge technology solutions to our clients.


This position is contingent upon award.

In the role of Senior Cyber Security Analyst, reporting to the Program Manager, Project Manager or Team Lead, you will support assessment and authorization (A&A) and Independent Validation and Verification (IV&V) activities by implementing policies and procedures, assessing security controls, and monitoring information system security posture to the Defense Health Agency (DHA) and the Military Health System (MHS) community of interest. The successful candidate will directly support project execution of CS and Information Assurance (IA) services at MHS locations throughout the Continental US (CONUS) and Outside the Continental US (OCONUS) areas.

Perform the following duties:

* Lead the implementation of policies, processes, and procedures that address security requirements

* Investigate and analyze implemented security processes to identify shortfalls

* Perform formal security assessments to determine whether security controls are in-place, operating as intended, and producing desired results

* Assess risk to determine the appropriate risk response

* Perform vulnerability assessments, analyzing networks, intrusion detection, and implement counter measures

* Execute continuous monitoring of systems to include analyzing vulnerability scan results, Information Assurance Vulnerability Alerts (IAVA), and reporting results

* Monitor Plan of Action and Milestones (POA&M), tracking corrective actions until all actions are closed

* Make recommendations to address security vulnerabilities and residual risk

Scientific Research Corporation offers a competitive salary, an extensive benefits package and a work environment that encourages excellence. Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information.

Scientific Research Corporation is an equal opportunity and affirmative action employer that does not discriminate in employment.

All qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, sexual orientation, gender identity, or national origin, disability or protected veteran status.



* Bachelor of Science Degree in a relevant technical field

* Fifteen (15) years of hands-on experience with Information Technology, to include three of the following areas:

* program management and strategic planning

* Systems Requirements

* HIPAA requirements

* Medical Systems

* Navy Medical

* Operational Requirements

* Enterprise Strategic Planning and operations

* Test & Evaluation, and Training

* Four (4) years of your experience should demonstrate your ability to plan and lead a technical/engineering team in multiple, diverse engineering disciplines

* Demonstrated experience in at least two of the following areas:

* Ability to plan and organize work and interact with technical and non-technical personnel translating user requirements into responsive applications

* Demonstrated detailed knowledge of IA concepts and requirements

* Demonstrated comprehensive knowledge of DOD military specifications and standards

* System design integration planning for multiple large-scale installations.

* Hardware and software Evaluation

* Application and System Assessments, planning execution and management.

* System requirements planning and oversight

* Technical development product milestone scheduling

* Demonstrated comprehensive knowledge of FISMA and HIPAA IA requirements

* Information Security Management and Information Systems Audit


* Strong IT technical background/certifications (MCP, CCNA, CCDA, RHCSA, Network+, etc.)

* Strong IT security background/certifications (Security+, SSCP, GSEC, CSSP, CISSP, CAP, GSLC, etc.)

* Demonstrated industry and public service leadership in one or more of the following:

* Medical systems, FISMA, & HIPAA law

* Advanced system architecture, hardware technologies & digital/analog communications technologies

* Applied physics

* Human factors engineering

* Computer simulation

* Electronic sensor technologies

* Enterprise Resource Planning (ERP)

* Risk Management Framework (RMF)