Cybersecurity System Administrator

Bevilacqua Research Corporation (BRC) is a Service Disabled Veteran Owned, Small Business based in Huntsville, Alabama incorporated in 1992. BRC provides "best-value" technical and management solutions to a diverse government and commercial customer base in the following key business areas: test & evaluation, systems analysis & integration, security & intelligence, and R&D.

The primary responsibilities of this position are to maintain MOD-0's Authorization to Operate (ATO) and move MOD-1 through the RMF process to gain its ATO.

Secondary objective is to oversee Risk Management Framework (RMF) compliance and governance supporting the NAVITTAR MOD's.

Responsibilities:

• ACAS
• STIG
• Self-motivated
• Subject Matter Expert (SME) on cybersecurity testing processes such as Security Technical Implementation Guides (STIGs), Security Content Automation Protocol (SCAP), Evaluate STIG and Assured Compliance Assessment Solution (ACAS) scanning.
• Provide mitigation statements for open vulnerabilities when appropriate and coordinate with JEXC2 engineers/technicians to development mitigation statements when necessary.
• Monitor configuration management (CM) of system security controls across all types of JEXC2 systems and the upkeep of Plan of Action and Milestones (POAM) of each accreditation package.
• Create and review cybersecurity test plans and work with JEXC2 project Information Systems Security Engineers (ISSEs) to ensure Security Assessment Plans (SAPs) are constructed properly.
• Conduct cybersecurity assessments on customer components in order to identify vulnerabilities not addressed in standard DoD/DoN compliance methods.

Vulnerability Management:

• Provide scans of security threats and perform corrective action IAW DISA STIGs, TCNOs, and local security guidance.
• Must monitor cyber event tasking to detect and mitigate malicious cyber events.
• Must provide administrative production data and brief vulnerability status at weekly security briefings as required by the 747th CS leadership.

Vulnerability Scanning:

• Must complete cyber network vulnerability management scans across the JBPHH NIPRNet/SIPRNet encompassing all network device Operating Systems (OS) utilizing approved AIS.
• Must monitor vulnerabilities on NIPRNet/SIPRNet network systems using the scanning methods IAW local operating procedures.

• CompTIA Security + and/or CISSP
• Understand network devices
• Works well with others in a team environment
• System Administrator experience (troubleshooting issues on the system)
• Experience with RHEL and Windows OS (Server 2012, 2019, and Windows 10)

• Understands STIGs/STIG Checklist
• ACAS scanning experience

EEO Policy:

Bevilacqua Research Corporation is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, religion, color, sex, gender, national origin, age, United States military veteran's status, ancestry, sexual orientation, gender identity, marital status, family structure, medical condition including genetic characteristics or information, veteran status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law.