Job ID: 200095
Location: , United States
Date Posted: Jun 16, 2020
Subcategory: Cyber Eng/Archt
Shift: Day Job
Travel: Yes, 10 % of the Time
Minimum Clearance Required: Secret
Clearance Level Must Be Able to Obtain: Secret
Potential for Teleworking: Yes
SAIC is seeking a Cyber Security Engineer for the Cloud One program under the Air Force Lifecycle Management Center Office for Network Integration (AFLCMC/HNI). The Cloud One Common Computing Environment is an existing global, interconnected, virtualized, hybrid, and IT infrastructure hosting mission systems, applications, services, and data that will serve the U.S. Air Force (USAF) and U.S. Army (USA). Cloud One incorporates the capabilities of commercial cloud and Managed Service Providers (MSP) residing in Cloud Service Providers (CSPs). Cloud One facilitates the USAF and USA’s efforts to migrate applications to a cloud environment, allowing the closure of data centers to support the Data Center Optimization Initiative (DCOI) and allowing for increased efficiencies across the entire spectrum of the USAF and USA's IT operations. The candidate for this position may work anywhere in the United States. There is no requirement to work at a SAIC or customer site to support Cloud One.
Architects, plans, configures, deploys, maintains, and upgrades COTS/GOTS and custom toolsets to address vulnerabilities and/or implement security controls. Applies a combination of expert engineering knowledge of enterprise IT and security solutions to design, develop and/or implement solutions to ensure they are consistent with enterprise architecture security policies and support full spectrum military cyberspace operations. Designs, tests, and implements secure operating systems, networks, security monitoring, tuning and management of IT security systems and applications, incident response, digital forensics, loss prevention, and eDiscovery actions. Includes security control design and solution planning at the system, mission, and enterprise level, security-in-depth/defense-in-depth, and other related IAM/ISSO/ISSE support functions. Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access. Researches and evaluates cyber capabilities and new security tools and products against operational requirements and introduces them to the enterprise in alignment with IT security strategy, and to support the offensive and defensive capability design and troubleshoot and problem solve technical and non-technical issues. . At the Leadership level this is senior technical staff dedicated to transforming customer environments into a more secure operating environment in a holistic manner.
Problem Complexity: Develops technical solutions to complex problems which require the regular use of ingenuity and creativity.
Impact: Guides the successful completion of major programs. Erroneous decisions or recommendations would typically result in failure to achieve major organizational objectives.
Liaison: Represents organization as prime technical contact on contracts and projects. Interacts with senior external personnel on significant technical matters often requiring coordination between organizations.
Assist in assessing the data Impact Level (IL) of migrating applications in accordance with the DoD Cloud Computing Security Requirements Guide (SRG).
Provide automated application of DoD-hardened STIG for platforms and application configurations
Work with the government to implement and evolve phased ATO process for the environment using A&A automation and maximize the use of inheritance/reciprocity
Develop approaches support strong authentication and multi-factor authentication to implement data access authorization based on user identity
Implement and provide a method of verification of the applicable DISA STIG, SRGs, and best practices
Provide Tier 3 Cyber Security Service Provider (CSSP) support, as well as interface with and meet requirements of the Tier 2 CSSP support providers
Ability to provide timely remediation recommendations for audit findings
Ability to support Code Review Security Vulnerabilities Remediation
Ability to support the updates to Risk Management Framework Artifacts
Ability to create a Microsoft Visio based topology diagram template.
Bachelors and nine (9) years or more experience; Masters and seven (7) years or more experience; PhD or JD and four (4) years or more experience. In lieu of a degree an additional four (4) years of experience is required (or add statement about certifications in lieu of degree).
Minimum Information Assurance System Architecture and Engineering (IASAE) Level II certified IAW DoD 8570.01M
Compliant with DoD and USAF training requirements in DoDD 8570.01, DoD 8570.01-M, and AFMAN 17-1303.
Knowledge of DoD Policies and procedures including DoD 8500.01 and DoD 8510.01.
Experience with Risk Management Framework (RMF) and updating of security artifacts
Experience with compliance verification methods including DISA STIG, SRGs, and best practices
Knowledge of the DoD suite of security tools including ACAS, HBSS, and eMASS.
Knowledge of cloud environments provided by AWS and Azure
Working knowledge of Microsoft Office Suite including Microsoft Visio
SAIC is a premier technology integrator solving our nation's most complex modernization and readiness challenges. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes high-end solutions in engineering, IT, and mission solutions. Using our expertise in existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, Virginia, SAIC has pro forma annual revenues of nearly $7.1 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom. For SAIC benefits information, see Working at SAIC. EOE AA M/F/Vet/Disability