Join our Talent Network >

Cybersecurity Lead

Job ID: 200096
Location: , United States
Date Posted: Jan 16, 2020
Category: Cyber
Subcategory: Cyber Eng/Archt
Schedule: Full-time
Shift: Day Job
Travel: Yes, 10 % of the Time
Minimum Clearance Required: Secret
Clearance Level Must Be Able to Obtain: Secret
Potential for Teleworking: Yes

Share: mail

Job Description

Description

SAIC is seeking a Cyber Security Lead for the Cloud One program under the Air Force Lifecycle Management Center Office for Network Integration (AFLCMC/HNI). The Cloud One Common Computing Environment is an existing global, interconnected, virtualized, hybrid, and IT infrastructure hosting mission systems, applications, services, and data that will serve the U.S. Air Force (USAF) and U.S. Army (USA). Cloud One incorporates the capabilities of commercial cloud and Managed Service Providers (MSP) residing in Cloud Service Providers (CSPs). Cloud One facilitates the USAF and USA’s efforts to migrate applications to a cloud environment, allowing the closure of data centers to support the Data Center Optimization Initiative (DCOI) and allowing for increased efficiencies across the entire spectrum of the USAF and USA's IT operations. The candidate for this position may work anywhere in the United States. There is no requirement to work at a SAIC or customer site to support Cloud One.


The candidate for this position:
  • Designs, tests, and implements secure operating systems, networks, security monitoring, tuning and management of IT security systems and applications, incident response, digital forensics, loss prevention, and eDiscovery actions. Conducts risk and vulnerability assessment at the network, system and application level. Conducts threat modeling exercises. Develops and implements security controls and formulates operational risk mitigations along with assisting in security awareness programs. Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access. Researches, evaluates and recommends new security tools, techniques, and technologies and introduces them to the enterprise in alignment with IT security strategy. Utilizes COTS/GOTS and custom tools and processes/procedures in order to scan, identify, contain, mitigate and remediate vulnerabilities, and intrusions.  Assists in the implementation of the required government policy (i.e., NISPOM, DCID 6/3), and makes recommendations on process tailoring. Performs analyses to validate established security requirements and to recommend additional security requirements and safeguards. Supports the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports. Periodically conducts a review of each system's audits and monitors corrective actions until all actions are closed.  May support cyber metrics development, maintenance and reporting. May provide briefings to senior staff. Utilizes COTS/GOTS and custom tools and processes/procedures in order to scan, identify, contain, mitigate and remediate vulnerabilities, and intrusions.  Assists in the implementation of the required government policy (i.e., NISPOM, DCID 6/3), and makes recommendations on process tailoring. Performs analyses to validate established security requirements and to recommend additional security requirements and safeguards. Supports the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports. Periodically conducts a review of each system's audits and monitors corrective actions until all actions are closed.  May support cyber metrics development, maintenance and reporting. May provide briefings to senior staff.    

  • Problem Complexity: Works on unusually complex technical problems and provides solutions which are highly innovative and ingenious.  

  • Impact: Develops advanced technological ideas and guides their development into a final product.  Erroneous decisions or recommendations would typically results in failure to achieve critical organizational objectives and affect image of organization's technological capability.

  • Liaison: Serves as organization spokesperson on advanced projects and/or programs.  Acts as advisor to management and customers on advanced technical research studies and applications. 

Specific duties include:
  • Serve as the point of contact for all Cybersecurity Test & Evaluation (T&E) events
  • Ability to service all aspects of control implementation and fulfill the RMF Practitioner as defined in DoDI 8510.01
  • Interface with cybersecurity stakeholders during integrated product team meetings, working groups, and all other related discussions
  • Support the strategic planning process by determine which CSP services are listed on the Provisional Authorization (PA) IL and provide this list of services in the service catalog
  • Advise the government of new features offered by cloud service providers that may not be included on the list of services with Provisional Authorization to Operate (PATO) and make recommendations for government risk acceptance decisions
  • Support the describing in detail the security services provided for customers in the CSP environments including the services provided directly by the CSP exclusive of the CSSP
  • Provide a documented secure solution that meets RMF IAW AFI 17-101 & Army Regulation 25-2 that identifies data flows & interconnections with other systems/applications and traceability to RMF controls and requirements
  • Support security assessments and the resolution of concerns/issues identified by assessment team(s) including security reviews, test, and exercises.
  • Provide an incident response and disaster recovery plan
  • Ability to support POA&M reviews and recommendations
  • Ability to create System Security Plan (SSP) templates that provides a common approved language for documenting common inherited security features


Qualifications

  • Bachelors and fourteen (14) years or more experience; Masters and twelve (12) years or more experience; PhD or JD and nine (9) years or more experience. In lieu of a degree an additional four (4) years of experience is required (or add statement about certifications in lieu of degree)

  • A secret security clearance is required
  • Experienced in the DoD RMF Assessment & Authorization (A&A) process

  • At least three (3) years of cybersecurity related experience

  • Minimum Information Assurance Technical (IAT) Level II certified IAW DoD 8570.01M

  • Compliant with DoD and USAF training requirements in DoDD 8570.01, DoD 8570.01-M, and AFMAN 17-1303.

  • Knowledge of DoD Policies and procedures including DoD 8500.01 and DoD 8510.01.

  • Experience with Risk Management Framework (RMF) and updating of security artifacts

  • Experience with compliance verification methods including DISA STIG, SRGs, and best practices

  • Experience with DevSecOps
  • Knowledge of the DoD suite of security tools including ACAS, HBSS, and eMASS.

  • Knowledge of cloud environments provided by AWS and Azure

  • Working knowledge of Microsoft Office Suite including Microsoft Visio


Desired Qualifications

 
  • Knowledge of DESMF
  • CISSP certification preferred
  • Experience with Agile, Scrum, SAFe or other modern software development methods/practices

  • Experience supporting USAF or USA software development projects

  • Experience supporting software migration efforts



Overview

SAIC is a premier technology integrator solving our nation's most complex modernization and readiness challenges. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes high-end solutions in engineering, IT, and mission solutions. Using our expertise in existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions. We are 23,000 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, Virginia, SAIC has pro forma annual revenues of nearly $6.5 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom. For SAIC benefits information, see Working at SAIC. EOE AA M/F/Vet/Disability

Share: mail

Similar Jobs

Cyber Sec Analyst

MIDDLETOWN, RI, United States
Cyber

Cyber Engineer/Architect and Program Engineering Staff

FAIRMONT, WV, United States
Cyber

Cyber Threat Intel Analyst

FAIRMONT, WV, United States
Cyber

Cloud Security Analyst

WASHINGTON, DC, United States
Cyber

Cyber Security Analyst

WASHINGTON, DC, United States
Cyber

IT Security Analyst

VIENNA, VA, United States
Cyber

Senior IT Security Analyst

VIENNA, VA, United States
Cyber

Cyber Network Security Engineer

EGLIN AFB, FL, United States
Cyber

Cyber Security Engineer

CHANTILLY, VA, United States
Cyber

Task Manager-Cyber Monitoring and Operations

ARLINGTON, VA, United States
Cyber

Cyber Sec Analyst Principal

SAN DIEGO, CA, United States
Cyber

Sr. Cyber Security Analyst

RESTON, VA, United States
Cyber

Cyber Operations Action Officer

FORT BELVOIR, VA, United States
Cyber

Cyber and Intelligence Industry Networking Event

FORT MEADE, MD, United States
Cyber

Principal Cyber Engineer Architect

COLORADO SPRINGS, CO, United States
Cyber

Cyber Strategy Analyst

MACDILL AFB, FL, United States
Cyber

Senior Principal Cyber Engineer/Architect

EL SEGUNDO, CA, United States
Cyber

GPS Senior Cybersecurity Engineer

AURORA, CO, United States
Cyber

Cybersecurity Analyst

HILL AFB, UT, United States
Cyber

NASA IV&V Vulnerability Researcher & Exploit Developer

FAIRMONT, WV, United States
Cyber

Cyber Security Engineer

SUFFOLK, VA, United States
Cyber

Senior Cyber Security Analyst

HERNDON, VA, United States
Cyber

Cyber Security Analyst

HERNDON, VA, United States
Cyber

Engineer Info Assurance 5

ANNAPOLIS JUNCTION, MD, United States
Cyber

Provide your information to receive jobs that fit you by keywords, location, and more,
and then receive great opportunities based on your skills and experience.

Join our Talent Network >