SRC, Inc is hiring an

Information Assurance Analyst

Herndon, United States

SRC, Inc. is currently seeking an Information Assurance Analyst in Chantilly, VA. The selected individual will lead the ICD 503 assessment and authorization effort for the key management infrastructure.  

SRC, Inc., a not-for-profit research and development company, combines information, science, technology and ingenuity across our family of companies to deliver innovative, advanced defense solutions and products that are redefining possible®. Since 1957, our commitment to the customer and the best solution – not the bottom line – has remained a core value that guides our efforts. This passion for quality carries through to the technologies we invent and manufacture, the laboratories and facilities we build, the people we hire, and the communities we support.

At SRC, we provide you the freedom and the resources to solve “impossible” problems in a collaborative work environment that integrates research, development and manufacturing. We strive to proactively identify and eliminate barriers that prevent our employees’ full participation and are committed to ensuring an inclusive and equitable workplace for all our employees. When you join our team, you’ll be a part of something truly meaningful. You’ll join more than 1,300 engineers, scientists and professionals — with 20 percent of those employees having served in the military — helping to keep America and its allies safe and strong.

In return, you’ll enjoy an inclusive work environment, receive a competitive salary, and experience a comprehensive benefits package that includes four or more weeks of paid time off to start, 10 percent of an employee’s compensation contributed toward retirement, and 100 percent tuition support.


  • Support NIST based Assessment and Authorization activities for COMSEC Terrestrial and Space Programs
  • Knowledge of Risk Management Framework (RMF) to maintain the cybersecurity posture of all assets.
  • Define, analyze and validate system requirements
  • Participate in organization and National Working Groups (NWG), Space COMSEC Requirements Reviews (SCRR), and Key Management Infrastructure (KMI) project management/design reviews
  • Assist in establishing and maintaining COMSEC baseline changes for key/equipment
  • Engage with commercial vendors, program managers, and external agencies
  • Support, coordinate, plan and implement equipment hardware/software changes with organization's crypto engineering division, vendor and program offices
  • Review and validate system performance and deficiency reports (Nessus scans)
  • Develop and maintain documentation including policies and standard operating procedures (SOP)

Security Requirements 

  • An active Top Secret/SCI security clearance and current investigation are required. CI poly required.

Position Requirements:

  • Bachelor's degree in communications, computer science, engineering or information assurance and 7 or more years of experience, or applicable experience in lieu of degree such as High School Diploma and 11 or more years of related experience.
  • DoD 8750 IAT/IAM level 2 certification required, level 3 desired
  • Knowledge and experience with ICD 503, NIST SP 800-53, and other intelligence community standards relating to information security and system event auditing requirements
  • Experience with vulnerability scan applications and operating systems and remediating system vulnerabilities
  • Experience in working with architecture and development teams on security implementation approaches, best practices, and process development
  • Experience with providing the secure implementation of chosen frameworks and technologies
  • Possession of excellent interpersonal skills to successfully interact with clients, engineers, and managers
  • Experience performing full A&A lifecycle activities including Continuous Monitoring, Vulnerability Management, Scanning, and Risk Management Framework (RMF) life cycle
  • Experience with IA vulnerability testing and related network and system test tools (i.e. Nessus, HBSS, and EVSS)
  • Knowledge and experience with server/client technologies, OSI model and the TCP/IP model
  • Experience with Windows Domains, Active Directory, DNS, and GPO's
  • Experience with Cloud-based IT systems, provide support for development in or transition to a multi-cloud and multi-agency infrastructure
  • Knowledge and experience with COMSEC key management applications and system performance
  • Knowledge and experience with implementing COOP documentation; scheduling, conducting and overseeing COOP and back–up facility testing, training and exercise events; and collaborating with parent organization to ensure compliance with COOP program objectives

This job is no longer available

Enter your email address below to get notified whenever we find a similar job post.

Unsubscribe at any time.