SRC, Inc. is currently seeking information assurance (IA) analysts to support our defense customer, the Air Force Research Laboratory Information Directorate located in Rome, NY.
- Serve as system security engineer providing cybersecurity guidance to system development project teams
- Evaluate security architectures and designs and provide inputs as to the adequacy of security designs and architectures proposed or provided in response to requirements
- Develop and maintain knowledge and expertise concerning accreditation standards and requirements
- Collaborate with system development personnel
- Provide guidance and ensure incorporation of IA within the system architecture at all stages of program development
- Provide technical review and analysis support during the accreditation process
- Support program managers responsible for the implementation of information security to ensure IA architecture and systems engineering requirements are properly addressed through the acquisition life cycle
- Research and keep up-to-date on techniques and process improvements in support of cybersecurity and secure system design practices.
- Provide technical information security support
- Bachelor's degree in communications, computer science, engineering or information assurance
- One or more years of experience as a system security engineer, cybersecurity engineer, information systems security officer, or other IA discipline
- Knowledge/experience in assured engineering and enterprise architecture
- Knowledge of USAF RMF processes, DoD and NIST Risk Management Frameworks, NIST 800-160
- Experience building a test environment and running ACAS and/or HP fortify, Wireshark, etc., scans
- Outstanding organizational, interpersonal and communication (writing and speaking) skills
- Good with seeking out the information needed from developers, and forming control responses recorded in a system security plan
- Experience with RMF workflow tools (eMASS)
- Experience with security control assessments and reporting
- Knowledge of DoD systems
- Knowledge and experience with; design(s), conducting technical vulnerability assessments, computer system and network engineering, managing program information technology (IT) assets' configuration.
- Knowledge and experience with secure architectures, client/server technologies, web based technologies, enterprise services, cloud-based system, the OSI model and the TCP/IP stack
- Knowledge and experience with designs and implementations of existing and in-development systems to assess the security implications related to cloud architectures, open architectures to include large enterprise systems likely spanning multiple networks and/or security domains to include unclassified, secret, top secret, TS/SCI and SAP/SAR information
- Understanding of software and system development life cycles, agile scrum development and scaled agile framework (SAFe)
- DoD 8140/8570 certifications commensurate with experience and skill set
- Experience with Windows and Linux server operating systems and applications
Security Clearance Requirements
An active Top Secret/SCI security clearance and current polygraph are required.