SAIC is seeking a Vulnerability Analyst, with skill aligned with a Tier 3 Security Analyst, to support our City of Irvine client in Irvine, CA. The contract is a comprehensive IT infrastructure initiative which aims to significantly improve the manner in which the Client’s IT systems are operated, supported, and controlled. The Vulnerability Analyst postiion is concerned with the Security Services Requirements section of this contract, prividing support services associated with (but not limited to) Security Information and Event Management (SIEM), incident response, Intrusion Detection and Intrusion Prevention Systems (IDS/IPS), anti-virus and malware management, and firewall monitoring.
Duties and Responsibilities:
- Performs risk and vulnerability management tasks at the netwrok, system, and application level.
- Runs automated vulnerability scanning tools against all in-scope systems on the network, adhering to a pre-defined schedule.
- Prioritizes vulnerability scan findings; produces and disseminate reports.
- Runs ad-hoc vulnerability scans on an as-needed basis.
- Reviews cyber threat intelligence from multiple external sources; shares relevant threat information with the client.
- Captures Indicators of Compromise (IoCs) for new and evolving types of malware; incorporates IoCs into firewall rules and other control mechanisms, as appropriate.
- Utilizes COTS/GOTS and custom tools and processes/procedures to scan, identify, contain, mitigate, and remediate vulnerabilities, and intrusions.
- Conducts research and evaluates technical and all-source intelligence with specific emphasis on network operations and cyber adversary tactics, techniques, and procedures.
- Conducts investigations into security incidents following defined Incident Response procedures, takes immediate measures to isolate the problem and minimize negative impact, follows escalation procedures as appropriate, creates post-incident reporting to include Root Cause Analysis.
- Analyzes network events to determine the impact on current operations.
- Correlates threat data from various sources.
- Develops and maintains analytical procedures to meet changing requirements and ensure maximum operational effectiveness.
- Implements secure operating systems, networks, security monitoring, tuning and management of IT security systems and applications, incident response, digital forensics, loss prevention, and eDiscovery actions.
- Develops and implements security controls and formulates operational risk mitigations along with assisting in security awareness programs.
- Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access.
- Performs analyses to validate established security requirements and recommends additional security requirements and safeguards.
- May support cyber metrics development and reporting.
- BS in Cybersecurity or related technical field and 5+ years relevant industry experience; MS in Cybersecurity or related technical field and 3+ years relevant industry experience; PhD in Cybersecurity or related technical field with 0+ years relevant industry experience.
- Required Certifications: CompTIA Certified Network Vulnerability Professional (CNVP), Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), or similar.
- Professional experience with:
- Vulnerability Management tools (such as Tenable/Nessus)
- Security Information and Event Management (SIEM)
- IDS/IPS, Firewalls, and Anti-Virus/Anti-Malware technologies
- Incident Management
- BS in Cybersecurity or related technical field and 7+ years relevant industry experience; MS in Cybersecurity or related technical field and 5+ years relevant industry experience; PhD in Cybersecurity or related technical field with 2+ years relevant industry experience.
- Desired Certifications: GIAC Enterprise Vulnerability Assessor (GEVA), Offensive Security Certified Professional (OSCP), or GIAC Certified Forensic Examiner (GCFE) or similar.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.
SAIC® is a premier Fortune 500® technology integrator driving our nation's technology transformation. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes secure high-end solutions in engineering, digital, artificial intelligence, and mission solutions. Using our expertise and understanding of existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions that are critical to achieving our customers' missions.
We are approximately 26,000 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer, fostering a culture of diversity, equity, and inclusion, which is core to our values and important to attract and retain exceptional talent. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.4 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom.