Cyber Security Engineer – Security Control Assessor

Job Description

Description

SAIC is looking for a Cyber Security Engineer – Security Control Assessor in Suitland, MD

SAIC is looking for a Senior Cyber Security Analyst experienced in Security Control Assessor (SCA), Risk Management Framework (RMF) and Assessment & Authorization (A&A) to support Navy Sites and Programs of Record (PORs).  The individual will determine if engineering solutions are practical, reliable and interoperable for the execution/implementation on Navy Networks.

Responsibilities:

• Conduct security assessment reviews and have a working knowledge of several Navy and the IC community Mission Assurance (MA) tool sets: Insider Threat Detection, Security Forensics, Application Layer Filtering, Source Code Analyzers, Strong Authentication Controls, and Network Traffic Analysis, Firewalls, Wireless Detection, and VPN Protection controls.
• Design, test, and implement secure operating systems, networks, security monitoring, tuning and management of IT security systems and applications, incident response, digital forensics, loss prevention, and eDiscovery actions.
• Conduct risk and vulnerability assessment at the network, system and application level.
• Develops and implements security controls and formulates operational risk mitigations along with assisting in security awareness programs.
• Utilizes COTS/GOTS and custom tools and processes/procedures in order to scan, identify, contain, mitigate and remediate vulnerabilities, and intrusions. 
• Assists in the implementation of the required government policy (i.e., NISPOM, DCID 6/3), and makes recommendations on process tailoring.
• Performs analyses to validate established security requirements and to recommend additional security requirements and safeguards.
• Supports the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports.
• Periodically conducts a review of each system's audits and monitors corrective actions until all actions are closed. 

Qualifications

Required Education and Experience:

• Bachelors and fourteen (14) years or more experience; Masters and twelve (12) years or more experience; PhD and nine (9) years or more experience.

Required Skills: 

• Ability to work with and build relationships with a variety of stakeholders; government technical representatives, and other supporting contractors;
• Excellent written and oral communications
• Ability to work independently or in a team collaborative environment
• Ability to brief senior government personnel.
• Certifications include one or more of the following: CISSP, CISM, or CISA, and Security + Network Plus.
• Working experience with ACAS scan analysis, STIG CKLs, SCC benchmarks, Vulnerator, XACTA, HBSS and Navy M3 Message Creation. Analyze the data from these tools and make sound recommendations toward successful completion of the Assessment and Authorization (A&A) process.
• Working experience with the following policies; NIST, DoD, DHA, DON, FISMA, OMB, FIPS, CNSS.

Desired Skills and Certifications:  

• Experience with DISA STIGs associated with listed networking technologies, as well as, Enclave, Network Policy, Remote Access Policy, and DMZ STIGS, and the Risk Management Framework Step Process.
• Experience with Word, Excel and Visio.

Overview

SAIC® is a premier Fortune 500® technology integrator driving our nation's technology transformation. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes secure high-end solutions in engineering, digital, artificial intelligence, and mission solutions. Using our expertise and understanding of existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions that are critical to achieving our customers' missions.

We are approximately 26,000 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer, fostering a culture of diversity, equity, and inclusion, which is core to our values and important to attract and retain exceptional talent. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.4 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom.