Information Security Systems Engineer

SRC, Inc. is currently seeking an Information Security Systems Engineer.  The selected candidate will work with systems designers and developers to ensure development of compliant architectures and work through the accrediting processes. Candidate should exhibit direct project experience with patch management, continuous monitoring, and scanning activities. This individual must also have excellent project management skills and the ability to keep multiple projects organized and should be proactive and forward leaning. 

SRC, Inc., a not-for-profit research and development company, combines information, science, technology and ingenuity across our family of companies to deliver innovative, advanced defense solutions and products that are redefining possible®. Since 1957, our commitment to the customer and the best solution – not the bottom line – has remained a core value that guides our efforts. This passion for quality carries through to the technologies we invent and manufacture, the laboratories and facilities we build, the people we hire, and the communities we support.

At SRC, we provide you the freedom and the resources to solve “impossible” problems in a collaborative work environment that integrates research, development and manufacturing. We strive to proactively identify and eliminate barriers that prevent our employees’ full participation and are committed to ensuring an inclusive and equitable workplace for all our employees. When you join our team, you’ll be a part of something truly meaningful. You’ll join more than 1,300 engineers, scientists and professionals — with 20 percent of those employees having served in the military — helping to keep America and its allies safe and strong.

In return, you’ll enjoy an inclusive work environment, receive a competitive salary, and experience a comprehensive benefits package that includes four or more weeks of paid time off to start, 10 percent of an employee’s compensation contributed toward retirement, and 100 percent tuition support.

Responsibilities:

• Provide senior level customer’s Enterprise Cyber security support. Work with IT engineers on designing architectures that comply with current security policies
• Risk Management and the Certification and Accreditation processes (ICD 503)
• Develop and evaluate Site Security Plans (SSPs). Ensure that information systems securely operate according to the security controls documented in the SSP once systems are approved for the production environment 
• Patch management, continuous monitoring, and vulnerability scanning/remediation activities
• Devise and implement a continuous monitoring plan across multiple security domains and be familiar with tools used in compliance and vulnerability assessments
• Complete assessment reports to provide organizational risk, ad-hoc customer responses and policy interpretation
• Handle software management, laptop compliance, technology evaluation for security and access requests
• Maintain tracking list in addition to other duties listed

Security Requirements 

• An active Top Secret/SCI security clearance and current investigation are required. CI poly required.

Position Requirements:

• Bachelor's degree in communications, computer science, engineering or information assurance and 6 years of related experience. Any equivalent combination of education, training, and relevant experience can be considered such as master’s degree and 3 years related experience OR high school diploma and 10 years of related experience.
• IAM Level 3 certified
• Knowledge and experience with NRO Networks, ICD 503, NIST SP 800-53, and/or other intelligence community standards relating to information security 
• Must be a team player and possess a strong ability to work collaboratively with a diverse team as well as work independently with minimal supervision
• Working knowledge of digital communications and related IT communications technologies
• Demonstrated ability to work effectively at all levels in an organization
• Demonstrated ability to quickly ramp up to support the customer’s needs, clearly communicate (orally & written) ideas, work autonomously, take the initiative to provide creative alternatives to intractable challenges or systemic problems
• Demonstrated ability to work with customers providing detailed and unbiased feedback, guidance, and recommendations
• Good time management skills; ability to support multiple projects; ability to multi-task

Desired Requirements

• CISSP-ISSEP
• Experience with security vulnerability assessment tools (e.g., Nessus, WASSP, SECSCAN) and network scanning tools (e.g., Nessus, Nmap)