Research and Development Specialist - Advanced - Zolon Tech
NGA New Campus East (NCE), VA 22150
About the Job
Clearance: TSSCI
Certification: IAT, IAM, or IASAE Level III
Work Role Description
Conducts software and systems engineering and software systems research to develop new capabilities, ensuring cybersecurity is fully integrated. Conducts comprehensive technology research to evaluate potential vulnerabilities in cyberspace systems.
Tasks
Review and validate data mining and data warehousing programs, processes, and requirements.
Research current technology to understand capabilities of required system or network.
Identify cyber capabilities strategies for custom hardware and software development based on mission requirements.
Collaborate with stakeholders to identify and/or develop appropriate solutions technology.
Design and develop new tools/technologies as related to cybersecurity.
Evaluate network infrastructure vulnerabilities to enhance capabilities being developed.
Follow software and systems engineering life cycle standards and processes.
Troubleshoot prototype design and process issues throughout the product design, development, and pre-launch phases.
Identify functional- and security-related features to find opportunities for new capability development to exploit or mitigate vulnerabilities.
Identify and/or develop reverse engineering tools to enhance capabilities and detect vulnerabilities.
Develop data management capabilities (e.g., cloud-based, centralized cryptographic key management) to include support to the mobile workforce.
Research and evaluate available technologies and standards to meet customer requirements.
Knowledge
Knowledge of computer networking concepts and protocols, and network security methodologies.
Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
Knowledge of cybersecurity and privacy principles.
Knowledge of cyber threats and vulnerabilities.
Knowledge of specific operational impacts of cybersecurity lapses.
Knowledge of application vulnerabilities.
Knowledge of cryptography and cryptographic key management concepts
Knowledge of new and emerging information technology (IT) and cybersecurity technologies.
Knowledge of system life cycle management principles, including software security and usability.
Knowledge of Supply Chain Risk Management Practices (NIST SP 800-161)
Knowledge of information technology (IT) supply chain security and supply chain risk management policies, requirements, and procedures.
Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
Knowledge of the application firewall concepts and functions (e.g., Single point of authentication/audit/policy enforcement, message scanning for malicious content, data anonymization for PCI and PII compliance, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing).
Skills
Skill in applying and incorporating information technologies into proposed solutions.
Skill in creating and utilizing mathematical or statistical models.
Skill in using scientific rules and methods to solve problems.
Skill in applying the systems engineering process.
Skill in designing the integration of technology processes and solutions, including legacy systems and modern programming languages.
Skill in applying secure coding techniques.
Abilities
Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.
Ability to prepare and present briefings.
Ability to produce technical documentation.
Ability to identify critical infrastructure systems with information communication technology that were designed without system security considerations.
Certification: IAT, IAM, or IASAE Level III
Work Role Description
Conducts software and systems engineering and software systems research to develop new capabilities, ensuring cybersecurity is fully integrated. Conducts comprehensive technology research to evaluate potential vulnerabilities in cyberspace systems.
Tasks
Review and validate data mining and data warehousing programs, processes, and requirements.
Research current technology to understand capabilities of required system or network.
Identify cyber capabilities strategies for custom hardware and software development based on mission requirements.
Collaborate with stakeholders to identify and/or develop appropriate solutions technology.
Design and develop new tools/technologies as related to cybersecurity.
Evaluate network infrastructure vulnerabilities to enhance capabilities being developed.
Follow software and systems engineering life cycle standards and processes.
Troubleshoot prototype design and process issues throughout the product design, development, and pre-launch phases.
Identify functional- and security-related features to find opportunities for new capability development to exploit or mitigate vulnerabilities.
Identify and/or develop reverse engineering tools to enhance capabilities and detect vulnerabilities.
Develop data management capabilities (e.g., cloud-based, centralized cryptographic key management) to include support to the mobile workforce.
Research and evaluate available technologies and standards to meet customer requirements.
Knowledge
Knowledge of computer networking concepts and protocols, and network security methodologies.
Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
Knowledge of cybersecurity and privacy principles.
Knowledge of cyber threats and vulnerabilities.
Knowledge of specific operational impacts of cybersecurity lapses.
Knowledge of application vulnerabilities.
Knowledge of cryptography and cryptographic key management concepts
Knowledge of new and emerging information technology (IT) and cybersecurity technologies.
Knowledge of system life cycle management principles, including software security and usability.
Knowledge of Supply Chain Risk Management Practices (NIST SP 800-161)
Knowledge of information technology (IT) supply chain security and supply chain risk management policies, requirements, and procedures.
Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
Knowledge of the application firewall concepts and functions (e.g., Single point of authentication/audit/policy enforcement, message scanning for malicious content, data anonymization for PCI and PII compliance, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing).
Skills
Skill in applying and incorporating information technologies into proposed solutions.
Skill in creating and utilizing mathematical or statistical models.
Skill in using scientific rules and methods to solve problems.
Skill in applying the systems engineering process.
Skill in designing the integration of technology processes and solutions, including legacy systems and modern programming languages.
Skill in applying secure coding techniques.
Abilities
Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.
Ability to prepare and present briefings.
Ability to produce technical documentation.
Ability to identify critical infrastructure systems with information communication technology that were designed without system security considerations.
Source : Zolon Tech