Cybersecurity Specialist

#
** Application Instructions:
**** External Applicants:
** Please upload your
** resume
* * on the
** Apply
* * screen. Your application will automatically populate your resume details, and you may verify and update data on the
** My Information
** page.  
** Current Mercer University Employees:
** Apply from your existing
** Workday
* * account.
** Do not apply from the external careers website**. Log in to
** Workday
* * and type
** Jobs Hub
** in the search bar. Locate the position and click
** Apply**.##
*
* Job Title:

** Cybersecurity Specialist##
** Department:
** MERC##
** College/Division:
** Mercer Engineering Research Center
** Primary Job Posting

Location:

** Warner Robins, GA ##
** Job Details:
** Mercer Engineering Research Center (MERC), a research institute of Mercer University, provides high quality engineering, scientific, and technical support services to both government and private industry customers.
The Cybersecurity Specialist supports or performs cybersecurity operations for enterprise-based information technology (enclave, systems, or networks), platform-based information technology (systems or aircraft), and/or software development activities. The Cybersecurity Specialist may perform evaluations (compliance audits and/or a vulnerability assessments) and is involved in the establishment of strict program control processes to ensure risk mitigation and adherence to national, state, and local laws, and/or MERC policy.

DUTIES AND RESPONSIBILITIES  
• May work independently or as an Information System Security Officer (ISSO) under the direction of the Cyber Technical Lead, more senior cybersecurity personnel, and/or the Information System Security Manager (ISSM) on the following tasks:  
• Sustain network/information system security through testing, analysis, and application of policy and controls.  
• Obtain certification and accreditation of systems, to include process support, analysis support, coordination support, security certification test support, security documentation support, investigations, software research, hardware introduction and release, emerging technology research inspections, and periodic audits.  
• Conduct threat and risk analysis and analyze the business impact of new and existing systems and technologies to eliminate risk, performance, and capacity issues.  
• Implement vulnerability assessments and configuration audits of operational systems, web servers, and databases to detect patterns, insecure features, and malicious activities in the infrastructure.  
• Analyze, investigate, test, evaluate, and deploy security technology and procedures.  
• Run diagnostics on any changes to data to verify any undetected breaches.  
• Develop custom systems for specialized security features and procedures for software systems, networks, data centers, and hardware.  
• Develop and implement information security standards, guidelines, and procedures.  
• Observe, evaluate, and document security certification testing.  
• Develop, review, and evaluate System Security Plans, System Security Authorization Agreements, systems and networks diagrams, Security Requirements Traceability Matrices, risk assessments, and associated information system Authorization and Accreditation documents.  
• Perform security incident evidence gathering and evaluations.  
• Perform incident remediation, review and analysis.  
• Apply Security Technical Implementation Guides (STIGs).  
• Implement government policy (i.e., NISPOM, DCID 6/3) and make process tailoring recommendations.  
• Review static/dynamic analysis results and remediate  
• Conduct counteractive protocols and report incidents  
• Customize risk ratings for vulnerabilities based on company policies and maintain IT security controls documentation  
• Use OWASP testing methodology, Dynamic and Static Application Security Testing, re-engineering, automation, ASP.NET/JAVA, IDS/IPS systems, Burp Suite, Nmap, and Metasploit.  
• Develop software-based remediation using Python, C#, Java, JavaScript, J-Query  
• Complies with all Executive Director approved MERC-wide policies and procedures.  
• Participates in Technical Interchange Meetings with customers.  
•…