Join our Talent Network >

Principal Cyber Security Analyst

Job ID: 195190
Location: RESTON, VA, United States
Date Posted: Sep 22, 2019
Category: Cyber
Subcategory: Cyber Sec Analyst
Schedule: Full-time
Shift: Day Job
Travel: Yes, 25 % of the Time
Minimum Clearance Required: None
Clearance Level Must Be Able to Obtain: None
Potential for Teleworking: No

Share: mail

Job Description

Description

SAIC is seeking a Principal Cyber Security Analyst to join our Cyber Security team in Reston, VA.

 

PRIMARY RESPONSIBILITIES:

 

The BSE Principal will be responsible for analyzing the service request and proposal /bid opportunities and recommending alternatives / exceptions to enable the business for pursuit. Will research ITO Demand Management domain materials to develop SAIC Business leads, contacts, and capture plans. Will support new business proposals through capture activities and responses to requests for proposal (RFPs). Will actively participate in industry groups and conferences to represent and promote the company's capabilities Lead the Cyber Security Business Engagement (CSBE) organization by providing technical vision and security program management fundamentals across the organization.

 

  • Work closely with the other organizations within the CS Directorate to ensure comprehensive handoffs (training, documentation, and technical integration) to Cyber Security GRC, IAM, Architecture and Engineering Operations until secure Business security architecture and engineering tasks are complete.
  • Work closely with other SAIC organizations, within CS to ensure SAIC solutions and cyber capabilities meet CS Threat Intelligence/Management team’s BR, SOC, CIRT and VMP and Cyber Solutions Directorate requirements and adhere to Governance, Risk, and Compliance (GRC) polices.
  • Support the development of cybersecurity technical roadmaps and documentation to drive constant cyber transformation and improvements in SAIC’s enterprise defensive security posture
  • Collaborate using networks and professional relationships to achieve common goals.
  • Be a cybersecurity leader, and provide mentorship for less experienced cybersecurity practitioners


Qualifications

REQUIRED QUALIFICATIONS:

  • Bachelors in Information Systems, Computer Science, Information Security or related IT field and nine (9) years or more experience.

  • Demonstrated previous leadership, deep technical risk analysis, and engineering and architectural design understanding, knowledge and experience.

  • Ability to write and verbally communicate information security and risk-related concepts effectively to both technical and non- technical audiences.

  • Must have strong problem- solving and analytical skills and demonstrate poise and ability to act calmly and competently in high-pressure, high-stress situations.

  • Working knowledge of Security Standards/Controls specified under various IT governance and compliance models (NIST, ISO 27001&27002, ITIL, SOX, and DFARS/FARS). This includes: Applications and Systems Development Security, Security Management Practices, Access Control, Security Architecture and Modeling, Telecommunications, Network Security, Cryptography (PKI), Operations Security, and Physical Security Controls Experience in security hardening and firewall configurations that reflect best practice secure settings based on industry benchmark and / or exceptions that minimize risk to the security and enable business Deep technical knowledge of common cybersecurity engineering, architecture and design and principles.

  • Fundamental technical knowledge of Active Directory, Windows and Linux OSes, VMWare, SDDC and Virtual firewalls, networks, Oracle, SQL, stored procedures, scripts and reports.

  • Expertise with NIST and ISO 27000 series, particularly NIST SP 800-53, NIST SP 800-171 r1, ISO 27001/2.

  • 8-10 years relevant risk assessment, information security / analytical experience.

  • Experience acting as a Subject Matter Expert or team lead providing guidance to others

  • Strong communication skills; person in this role must be able to successfully communicate with management personnel, technical personnel and third parties

  • Professional Security Industry Certifications such as CISSP, CCNA, CCIE or other relevant industry certifications through such accrediting bodies such as the DoD, ISC2, ISACA, SANS or Comp TIA.

  • Proven ability to work with cross-functional teams.

  • Self-starter, individual contributor; must perform with limited or no supervision.

  • Possesses proven initiative and developed listening skills.

  • Demonstrate timely task completion involving solid organizational skills, task tracking, and follow-up, and productive peer interaction.

  • Possess strong technical writing, verbal and presentation skills especially with communicating to PMOs / senior management.

  • Provide feedback on internal processes required to help train and mentor other professionals as needed

  • Worked with Secure Development Life Cycle and Work experience in a mature risk management team with proven risk assessment methodology.

  • Demonstrate success leading and conducting senior level security risk analysis. Specifically, threat modeling involving system decomposition, threat and vulnerability discovery and mitigation. Understanding of SAIC Security policy, Cyber Security Framework (CSF), Risk Management Framework (RMF) and SANS Top 20 behavioral based threat models, (e.g., ATT&CK, Cyber Kill Chain, Diamond Model, etc.

  • Strong understanding of cybersecurity and project management fundamentals.

  • Familiarity with common cybersecurity COTS and FOSS tools and their application in a large enterprise environment. 

 

DESIRED QUALIFICATIONS:

  • Experience in the use of   MS Project, MS, Visio, SCCM,FIM/ MIM VMware SDDC and other Microsoft products, ServiceNow, Archer and SPLUNK eGRC /SEIMs and other MVM / Nessus, and other security tools to manage the  service requests SIARRAs  work Queue and other URLs , AoVPNs, NAC exceptions service request / exception management intake points.

  • Experience with NIST SPs for SSPs, DFARs, FARs , HIPAA  & GDPR Encryption and other International security and regulatory standards

  • Project Management Skills ·Experience with reviewing systems vulnerabilities for risk and relevance.

  • Experience in planning mitigations for systems vulnerabilities

  • Extensive understanding of GRC, CRM and Security Champion Program technologies, concepts, policies, processes, best practices, and solutions.

  • Knowledge of technology trends and developments in the areas of IAM, and knowledge and experience with formal security and control frameworks such as ISO 17799, COSO, ITIL, and NIST SP 800-53

  • Ensure requirements gathered, processes defined, and use cases documented follow out of the box configuration vs. customization for relevant IAM technologies as much as possible.

  • Participate Design deployment architectures.

  • Participate in capacity planning and HW / SW specification recommendation efforts.

  • Participate in all technology deployment activities ranging from design to architecture to configuration and custom development.

  • Participate in and/or lead User Acceptance Testing and bug-related engineering efforts.

  • Design, implement and educate on code deployment, code migration, and source control use.

  • Provide knowledge transfer and post production support activities as necessary.

  • Comprehensive understanding of Data Protection solutions and technologies including; Data Loss Prevention (DLP), data masking, tokenization, data classification, and data encryption.


Desired Qualifications

 

Overview

SAIC is a premier technology integrator, solving our nation's most complex modernization and systems engineering challenges across the defense, space, federal civilian, and intelligence markets. Our robust portfolio of offerings includes high-end solutions in systems engineering and integration; enterprise IT, including cloud services; cyber; software; advanced analytics and simulation; and training. We are a team of 23,000 strong driven by mission, united purpose, and inspired by opportunity. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $6.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see Working at SAIC. EOE AA M/F/Vet/Disability

Share: mail

Similar Jobs

Cyber Sec Analyst Principal / Navy Validator

FLEXWORK, DC, United States
Cyber

Cyber Intelligence Director

RESTON, VA, United States
Cyber

Sr. IT Audit Specialist

VIENNA, VA, United States
Cyber

Principal Cyber Security Analyst

RESTON, VA, United States
Cyber

Network Security Lead (Remote)

FLEXWORK, VA, United States
Cyber

Information Assurance Analyst - Database

BETHESDA, MD, United States
Cyber

Cyber Sec Analyst Sr

WASHINGTON, DC, United States
Cyber

Cloud Cyber Engineer / ISSE

RESTON, VA, United States
Cyber

Cyber Security Analyst Sr, TS/SCI & Poly Required

CHANTILLY, VA, United States
Cyber

Cyber Security Engineer

CHANTILLY, VA, United States
Cyber

Clearance Sponsorship IT professional

RESTON, VA, United States
Cyber

Cleared Cyber Security Analyst

RESTON, VA, United States
Cyber

Data Architect/Scientist

RESTON, VA, United States
Cyber

Cybersecurity T&E Engineer

DC, United States
Cyber

Princpal Cyber Security Engineer / Architect

RESTON, VA, United States
Cyber

Cyber Security Analyst

WASHINGTON, DC, United States
Cyber

Audit Technical Liaison

VIENNA, VA, United States
Cyber

IT Security Analyst

VIENNA, VA, United States
Cyber

Security Operations Analyst - SOC Analyst 2

VIENNA, VA, United States
Cyber

Sr. Application Security Engineer

VIENNA, VA, United States
Cyber

Provide your information to receive jobs that fit you by keywords, location, and more,
and then receive great opportunities based on your skills and experience.

Join our Talent Network >