Information Systems Security Engineer
SRC, Inc. is seeking an information security systems engineer to support the customer's ISSM team. The selected candidate will work with systems designers and developers to ensure development of compliant architectures and work through the accrediting processes. Candidate should exhibit direct project experience with patch management, continuous monitoring, and scanning activities. This individual must also have excellent project management skills and the ability to keep multiple projects organized and should be proactive and forward leaning.
SRC, Inc., a not-for-profit research and development company, combines information, science, technology and ingenuity across our family of companies to deliver innovative, advanced defense solutions and products that are redefining possible®. Since 1957, our commitment to the customer and the best solution – not the bottom line – has remained a core value that guides our efforts. This passion for quality carries through to the technologies we invent and manufacture, the laboratories and facilities we build, the people we hire, and the communities we support.
At SRC, we provide you the freedom and the resources to solve “impossible” problems in a collaborative work environment that integrates research, development and manufacturing. We strive to proactively identify and eliminate barriers that prevent our employees’ full participation and are committed to ensuring an inclusive and equitable workplace for all our employees. When you join our team, you’ll be a part of something truly meaningful. You’ll join more than 1,300 engineers, scientists and professionals — with 20 percent of those employees having served in the military — helping to keep America and its allies safe and strong.
In return, you’ll enjoy an inclusive work environment, receive a competitive salary, and experience a comprehensive benefits package that includes four or more weeks of paid time off to start, 10 percent of an employee’s compensation contributed toward retirement, and 100 percent tuition support.
- Work with IT engineers on designing architectures that comply with current security policies
- Risk Management and the Certification and Accreditation processes (ICD 503, DCID 6/3)
- Develop and evaluate Site Security Plans (SSPs). Ensure that information systems securely operate according to the security controls documented in the SSP once systems are approved for the production environment
- Patch management, continuous monitoring, and vulnerability scanning/remediation activities
- Devise and implement a continuous monitoring plan across multiple security domains and be familiar with tools used in compliance and vulnerability assessments
- Complete assessment reports to provide organizational risk, ad-hoc customer responses and policy interpretation
- Handle software management, laptop compliance, technology evaluation for security and access requests
- Maintain tracking list in addition to other duties listed
- Bachelor's degree in communications, computer science, engineering or information assurance
- Three to five years related experience with BS/BA or one to three years with MS/MA or zero to two years with Ph.D. If no degree, requires additional equivalent experience
- TS/SCI with CI Polygraph security clearance required
- CISSP certification
- Knowledge and experience with DCID 6/3, ICD 503, NIST SP 800-53, and/or other intelligence community standards relating to information security
- Must be a team player and possess a strong ability to work collaboratively with a diverse team as well as work independently with minimal supervision
- Working knowledge of digital communications and related IT communications technologies
- Demonstrated ability to work effectively at all levels in an organization
- Demonstrated ability to quickly ramp up to support the customer’s needs, clearly communicate (orally & written) ideas, work autonomously, take the initiative to provide creative alternatives to intractable challenges or systemic problems
- Demonstrated ability to work with customers providing detailed and unbiased feedback, guidance, and recommendations
- Good time management skills; ability to support multiple projects; ability to multi-task
- Experience with security vulnerability assessment tools (e.g., Nessus, WASSP, SECSCAN) and network scanning tools (e.g., Nessus, Nmap)
Individuals seeking employment are considered without regard to race, color, religion, sex, sexual orientation, gender identify, national origin, age, status as a protected veteran, or disability. You are being given the opportunity to provide the following information in order to help us comply with federal and state Equal Employment Opportunity/Affirmative Action record keeping, reporting, and other legal requirements.Learn more about SRC:
President Biden’s Executive Order 14042, requires Federal contractors and subcontractors to be fully vaccinated for COVID-19 by January 18, 2022. This requirement applies to all SRC, Inc. and SRCTec, LLC employees and its subcontractors. Anyone unable to be vaccinated, either because of a sincerely held religious belief or medical reason, can request a reasonable accommodation.