Join our Talent Network >

Vulnerability Remediation Engineer

This job posting is no longer active.

Job ID: 2501459
Location: REMOTE WORK, VA, United States
Date Posted: Feb 13, 2025
Category: Cyber
Subcategory: Cybersecurity Spec
Schedule: Full-time
Shift: Day Job
Travel: No
Minimum Clearance Required: None
Clearance Level Must Be Able to Obtain: Public Trust
Potential for Remote Work: Remote
Benefits: Click here

Share: mail

Job Description

Description

We are seeking a skilled Security Engineer with extensive experience in vulnerability remediation at the operating system (OS) level across various cloud environments, including AWS, Azure, OCI, and GCP. The ideal candidate will be responsible for ensuring the security and integrity of our cloud infrastructure by identifying, assessing, and mitigating vulnerabilities. This role requires a deep understanding of cloud services, operating system vulnerabilities, and best practices for securing cloud environments that are hosting a variety for MS Windows, and Linux (Red hat, Ubuntu, Amazon) operating systems.

Key Responsibilities:

·      Identify and remediate vulnerabilities** in cloud infrastructure, with a specific focus on OS-level threats across multiple cloud platforms, including compliance with STIG and CIS benchmarks.

·      Collaborate with the cybersecurity team to conduct regular security assessments, vulnerability scans, and penetration tests to identify potential weaknesses.

·      Contribute to the development and maintenance of security policies, standards, and procedures for cloud infrastructure, working closely with the cybersecurity team.

·      Work with development and operations teams to ensure secure deployment of applications, emphasizing secure configurations and OS-level hardening.

·      Monitor security alerts and logs to detect and respond to potential security incidents across cloud environments.

·      Stay up-to-date with the latest security threats, vulnerabilities, and technology trends** relevant to cloud infrastructure and operating systems.

·      Provide guidance and mentorship to junior engineers and team members** on best practices for security and vulnerability management in cloud environments.

·      Document security controls, configurations, and processes** for audit and compliance purposes, ensuring alignment with organizational standards.

Qualifications

Required:

Must be a U.S. Citizen with the ability to obtain and maintain a Public Trust Clearance. 

·      Bachelor's degree in Computer Science, Information Technology, or a related field and five (5) or more years of experience; Masters degree and three (3) or more years of experience. 

·      Professional certifications such as AWS Certified Security - Specialty, Azure Security Engineer Associate, Google Professional Cloud Security Engineer, or equivalent.

·      Minimum of 5 years of experience in cloud engineering, with a focus on security and vulnerability management across AWS, Azure, OCI, and GCP.

·      Proven experience in identifying and remediating OS-level vulnerabilities in both Linux and Windows environments with a strong understanding of STIG and CIS compliance requirements.

·      Strong understanding of cloud security frameworks and best practices, including NIST, CIS, and ISO 27001.

·      Proficiency in using security tools such as Nessus Tenable, ORCA Security, AWS Security Hub, Azure Security Center, Google Cloud Security Command Center, and other vulnerability scanning tools.

·      Familiarity with Red Hat Satellite server, WSUS, IBM BigFix or other similar toolsets.

·      Knowledge of scripting languages such as Python, Bash, PowerShell, Ansible for automation of security remediation tasks.

·      Excellent problem-solving skills and the ability to work under pressure in a fast-paced environment.

·      Strong communication and interpersonal skills, with the ability to explain complex security issues to technical and non-technical stakeholders.

Preferred:

·      Experience with Infrastructure as Code (IaC) tools such as Terraform or CloudFormation.

·      Familiarity with DevSecOps practices and integrating security into CI/CD pipelines.

·      Knowledge of container security and orchestration tools such as Docker and Kubernetes.


Target salary range: $120,001 - $160,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.

SAIC accepts applications on an ongoing basis and there is no deadline.

Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.

Overview

SAIC® is a premier Fortune 500® technology integrator focused on advancing the power of technology and innovation to serve and protect our world. Our robust portfolio of offerings across the defense, space, civilian and intelligence markets includes secure high-end solutions in mission IT, enterprise IT, engineering services and professional services. We integrate emerging technology, rapidly and securely, into mission critical operations that modernize and enable critical national imperatives.

We are approximately 24,000 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.4 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom.

Share: mail

Are you an SAIC Employee?

Please apply through the internal career site here >