INFORMATION SYSTEM SECURITY DEVELOPER (CYBER)

Overview:

Quantum Research International, Inc. (Quantum) is a certified DoD Contractor providing services and products to US/Allied governments and industry in the following main areas: (1) Cybersecurity, High Performance Computing Systems, Cloud Services and Systems; (2) Space and Ground Support Systems; (3) Aviation Systems; (4) Missile Systems; (5) Artificial Intelligence/ Machine Learning Systems and Experimentation/Training; and (6) Audio Visual Systems and Services. Quantum’s Corporate Office is in Huntsville, AL, but Quantum actively hires for positions nationwide and internationally. We pride ourselves on providing high quality support to the U.S. Government and our Nation’s Warfighters. In addition to our corporate office, we have physical locations in Aberdeen; MD; Colorado Springs, CO; Orlando, FL; Crestview, FL; and Tupelo, MS.

Mission:

Responsibilities:

• Analyze design constraints, analyze trade-offs and detailed system and security design, and consider life cycle support.
• Apply security policies to applications that interface with one another, such as Business-to-Business (B2B) applications.
• Assess the effectiveness of cybersecurity measures utilized by system(s).
• Assess threats to and vulnerabilities of computer system(s) to develop a security risk profile.
• Build, test, and modify product prototypes using working models or theoretical models.
• Conduct Privacy Impact Assessments (PIAs) of the application’s security design for the appropriate security controls, which protect the confidentiality and integrity of Personally Identifiable Information (PII).
• Design and develop cybersecurity or cybersecurity-enabled products.
• Design hardware, operating systems, and software applications to adequately address cybersecurity requirements.
• Design or integrate appropriate data backup capabilities into overall system designs, and ensure that appropriate technical and procedural processes exist for secure system backups and protected storage of backup data.
• Develop and direct system testing and validation procedures and documentation.
• Develop detailed security design documentation for component and interface specifications to support system design and development.
• Develop Disaster Recovery and Continuity of Operations plans for systems under development and ensure testing prior to systems entering a production environment.
• Develop risk mitigation strategies to resolve vulnerabilities and recommend security changes to system or system components as needed.
• Develop specific cybersecurity countermeasures and risk mitigation strategies for systems and/or applications.
• Identify components or elements, allocate security functions to those elements, and describe the relationships between the elements.

Requirements:

• TS/SCI Security Clearance and subject to a CI poly
• BS degree. In lieu of degree, CSC, GCLD, CASP , CCSP, Cloud , or GSEC certifications may be accepted or WSS 011 or WSS 012 DoD trainings. Extensive experience may be accepted in lieu of degree or certifications.
• DoD 8570 IAT, IAM, or IASAE Level 3 Certification.
• Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.
• Ability to apply the methods, standards, and approaches for describing, analyzing, and documenting an organization's enterprise IT architecture (e.g., Open Group Architecture Framework [TOGAF], Department of Defense Architecture Framework [DoDAF], Federal Enterprise Architecture Framework [FEAF]).
• Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
• Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.
• Ability to produce technical documentation.
• Ability to analyze test data.
• Ability to translate data and test results into evaluative conclusions.
• Ability to apply network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
• Ability to apply secure system design tools, methods and techniques.
• Ability to apply system design tools, methods, and techniques, including automated systems analysis and design tools.
• Ability to ensure security practices are followed throughout the acquisition process.
• Ability to design architectures and frameworks.
• Ability to function in a collaborative environment, seeking continuous consultation with other analysts and experts—both internal and external to the organization—to leverage analytical and technical expertise

Desired/Preferred Skills:

• Develop policy, plans, and strategy in compliance with laws, regulations, policies, and standards in support of organizational cyber activities.
• Coordinate cyber operations with other organization functions or support activities.
• Interpret and apply laws, regulations, policies, and guidance relevant to organization cyber objectives.
• Work across departments and business units to implement organization’s privacy principles and programs and align privacy objectives with security objectives.
• Relate strategy, business, and technology in the context of organizational dynamics.
• Understands technology, management, and leadership issues related to organization processes and problem solving.
• Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.

#LI-Onsite #LI- JL1

Equal Opportunity Employer/Affirmative Action Employer M/F/D/V:

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity, or any other characteristic protected by law. *Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.