SAIC is seeking a Senior Cybersecurity Manager to support our customer in Washington, D.C. The role is a part of the IT infrastructure Operations, Development, Modernization, and Enhancement Team. This is an exciting opportunity to work with a team responsible for Security Operations, Vulnerability Management, IT Governance, Risk and Compliance, Security Tools Operations and Engineering Compliance and Identity and Access management. Cybersecurity Manager will support Program management with coordinating cybersecurity activities across the program.
***This role requires on site work 2 days per week in the Washington, DC headquarters office.
- Designs, tests, and implements secure operating systems, networks, security monitoring, tuning and management of IT security systems and applications, incident response, digital forensics, loss prevention, and eDiscovery actions.
- Manges risk and vulnerability assessment at the network, system, and application level. Conducts threat modeling exercises.
- Develops and implements security controls and formulates operational risk mitigations along with assisting in security awareness programs.
- Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access.
- Researches, evaluates and recommends new security tools, techniques, and technologies and introduces them to the enterprise in alignment with IT security strategy.
- Prepares security reports to regulatory agencies. Establishes strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems.
- This includes process support, analysis support, coordination support, security certification test support, security documentation support, investigations, software research, hardware introduction and release, emerging technology research inspections and periodic audits.
- Ensure agency is in compliance with required government policies and processes (i.e. NIST, FISMA, CISA, DHS), and makes recommendations on process tailoring.
- Manage the audit finding using the National Institute of Standards and Technology (NIST) security controls developed under the Federal Information Security Management Act (FISMA).
- Review and validate the evidence in support of responses to security-related audits. Provide support for third-party audits performed by the OIG (annual financial statement and FISMA audits, penetration tests, other external regulatory agencies, and internal oversight elements).
- Performs analyses to validate established security requirements and to recommends additional security requirements and safeguards. Supports the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports.
- Periodically conducts of a review of each system's audits and monitors corrective actions until all actions are closed.
- Manages subordinate management and/or experienced specialist employees who exercise significant latitude and independence.
REQUIRED EDUCATION AND EXPERIENCE:
- Bachelors and fourteen (14) years or more experience in the IT field.
- 8+ years of experience with Transmission Control Protocol (TCP)/IP or Windows or Unix/Linux operating systems or network devices such as firewalls, gateways, proxies and similar IT devices.
- 5+ years of specific experience in cyber security and managing security operations center (SOC) personnel in mid - size and scope.
- 3+ years of experience utilizing IT Security tools such as Bluecoat Proxy, Cisco Fire Power, IronPort, BigFix SCA, Splunk, Qualys, CyberArk, Tenable Nessus & Security Center, and SCOM in automating continuous monitoring tasks.
- 3+ years of demonstrated experience in developing POAMs, gap analysis, vulnerabilities, and responding to audit findings, including the use of assessment and authorization management tool such as CSAM, Exacta, or eMASS.
- Minimum 3 years specific experience in developing and documenting processes compliance with NIST 800-37, 800-53 Rev 3 and 4 security controls and NIST guidance in general including extensive knowledge of obtaining ATOs and developing system security plans.
- Excellent oral and written communication skills.
- CompTIA Security+.
- ITIL V3 Foundation Certification.
- Certified Assessment Professional (CAP).
- Certified Information Systems Security Professional (CISSP).
- Project Management Professional (PMP).
- Certified Ethical Hacker (CEH).
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.
SAIC® is a premier Fortune 500® technology integrator driving our nation's technology transformation. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes secure high-end solutions in engineering, digital, artificial intelligence and mission solutions. Using our expertise and understanding of existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective and efficient solutions that are critical to achieving our customers' missions.
We are approximately 24,000 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer, fostering a culture of diversity, equity, and inclusion, which is core to our values and important to attract and retain exceptional talent. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $6.9 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom.