Senior Cybersecurity & Compliance Engineer

Scientific Research Corporation•Huntsville, AL

18h•Onsite

About The Position

Scientific Research Corporation (SRC) is seeking a Cybersecurity & Compliance Engineer to join their multidisciplinary team supporting the U.S. Space Command (USSPACECOM) transition to Huntsville, AL. This role is a critical component of the cybersecurity and Risk Management Framework (RMF) activities for both temporary GSA facility enclaves and the long-term MILCON headquarters build-out. The engineer will serve as a lead technical integrator, ensuring that all IT, Network, and Facility-Related Control Systems (FRCS) are designed, implemented, and authorized according to strict DoD and USSPACECOM cybersecurity requirements. SRC aims to bring motivated, highly skilled, and creative people together to solve government problems with cutting-edge technology, offering a supportive environment that encourages professional growth through various learning opportunities.

Requirements

Bachelors degree in Cybersecurity, IT, or Engineering
3–5 years of experience in DoD RMF (DoDI 8510.01 / NIST SP 800-53)
Hands-on experience with eMASS or XACTA
DoD 8140/8570 Compliance
Mandatory IAT Level II certification; this position is a "Privileged Use" role
Must hold a current Security+ CE or equivalent baseline certification

Nice To Haves

Manage full-spectrum Assessment and Authorization (A&A) through all six steps of the RMF process in support of the Command-ISSM
Directly develop and maintain a robust library of RMF artifacts, including System Security Plans (SSP), POA&Ms, and Security Assessment Reports (SAR) via eMASS and XACTA
Experience providing cybersecurity oversight for IT, OT, and FRCS within high-security SCIF and SAP-F environments
Conduct advanced vulnerability management activities, including ACAS/Nessus scan coordination, log analysis, and remediation validation
Engineer the integration of Cyber Network Defense (CND) tools such as Trellix (HBSS/ePO) and endpoint protection platforms
Ability to conduct technical reviews of network diagrams and system architectures to identify and mitigate compliance gaps early in the design phase
Ability to implement Supply Chain Risk Management (C-SCRM) protocols for critical infrastructure entering secure facilities

Responsibilities

Serve as a lead technical integrator, ensuring that all IT, Network, and Facility-Related Control Systems (FRCS) are designed, implemented, and authorized according to strict DoD and USSPACECOM cybersecurity requirements.
Defining Confidentiality, Integrity, Availability (CIA) thresholds as measurable KPPs
Ensuring compliance with DoDI 8510.01 (RMF), NIST SP 800-53, DoD Cloud SRG, and enclave-specific requirements (NIPRNet, SIPRNet, JWICS)
Advising on requirements gathering tools (Excel, DOORS, or recommended alternative) to support traceability and secure data handling
Identifying and advises on trade-offs between performance and cybersecurity (e.g., resilience vs. confidentiality)
Ensuring reciprocity and leverages NIWC/SETA prior requirements work where applicable

Benefits

Medical plans
Dental plans
Vision plans
401(k) with a company match
Life insurance
Vacation and sick paid time off accruals starting at 10 days of vacation and 5 days of sick leave annually
11 paid holidays
Tuition reimbursement
Work environment that encourages excellence and more

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume