The Enterprise & Mission Solution Business Unit currently has an opening for a Systems Engineer to support the Department of State (DoS) Bureau of Information Resource Management (IRM) PKI program. This program provides transparent security services in support of the Department’s goals to secure communications among Department staff and systems.
This is a senior-level PKI engineering position within the program’s Enterprise Engineering Office (EEO), providing PKI engineering and integration support, administering, maintaining, and deploying various PKI systems based on Entrust solutions, onsite at the various DoS Datacenters and at certain selected DoS domestic and overseas locations.
The preferred candidate must possess strong skills in designing, installing, configuring, and maintaining PKI systems. Additionally the preferred candidate should have some experience in providing tier-3 level support in large enterprises.
The position may allow temporary hybrid remote work due to Covid-19. Position may be called back onsite at any time at the customer's request. 3 days onsite or as required by customer.
Description of Duties
- Performing all aspects of systems design and PKI engineering in support of various PKI systems deployed at the Department of State.
- Manage and maintain enclaved server hardware, storage, switches, server operating systems, and Hardware Security Modules (HSMs).
- Providing in-depth subject matter expertise for engineering support related to Public Key Infrastructure (PKI) systems, especially in a government setting.
- Maintaining existing PKI systems – patch existing systems, deploy new components based on customer demand.
- Directly working with customer to analyze requirements and then deploy security related solution to meet those requirements.
- Performing problem analysis following any service issues to prevent recurrence.
- Performing product evaluations and making product recommendations.
- Identifying security risks to customer systems and suggest mitigations.
- Designing, building, and managing PKI enclaves conforming to the policies and standards of the Department of State, Homeland Security Presidential Directive 12 (HSPD-12), Federal Bridge Certification Authority (FBCA), National Institute of Standards and Technology (NIST), and other policies and standards as required.
- Identifying security architectures and implementation gaps, vulnerabilities, and risks; developing, testing, and implementing solutions to address the gaps, and new or updated requirements.
- Developing test cases for software/hardware testing and developing test evaluation reports for stakeholders.
- Lead an effort in gathering requirements, performing gap analysis, developing and presenting potential solutions, and creating detailed design and implementation plans.
- Developing and updating systems documentation (e.g., ConOps, Operating procedures, systems architecture documents).
- Ensuring the NIST 800-53 Rev. 4 security controls, where applicable, are in place and validated on all PKI systems.
Required Education & Experience
- Bachelors and five (5) years or more of relevant experience; Masters and three (3) years or more of relevant experience; may accept additional experience in lieu of degree.
- Working knowledge with network devices particularly Cisco switches.
- Network infrastructure diagnostics (TCP/IP general networking knowledge, network monitoring tools).
- Virtualization technologies – VMWare ESXI, vCenter, VMWare NSX.
- Working knowledge of external storage solutions, storage area networks (SANs), and Fiber Channel networks.
- Professionally and effectively communicate; both verbal and written at all levels within the organization.
- Ability to think analytically, troubleshoot, and solve problems.
- Ability to troubleshoot and resolve network/application/operating system issues.
- Self-starter, able to work independently with minimum supervision.
- Excellent MS-Windows Server administration & maintenance skills.
- Excellent oral and written communication skills.
- Excellent analytical and troubleshooting skills.
- US Citizenship.
- Ability to obtain top secret clearance.
- Ability to obtain an interim secret prior to starting work.
Highly Preferred Skills
- Strong background in the Microsoft server operating systems and Certificate Authority (CA) providers.
- General understanding of cryptographic keys, symmetric and asymmetric keys, cryptographic key algorithms and cipher blocks.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.
SAIC® is a premier Fortune 500® technology integrator driving our nation's technology transformation. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes secure high-end solutions in engineering, digital, artificial intelligence and mission solutions. Using our expertise and understanding of existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective and efficient solutions that are critical to achieving our customers' missions.
We are approximately 24,000 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer, fostering a culture of diversity, equity, and inclusion, which is core to our values and important to attract and retain exceptional talent. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $6.9 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom.