SAIC is currently looking for a Senior Cyber Engineer to support the Cybersecurity/ Information Systems Security Team supporting software development and sustainment of U.S. Army Battle Command & Control Systems for the MCE team in Huntsville, AL.
The candidate will join a 4-person team responsible for the current sustainment and accreditation of JBC-P/MCE, as well as designing and implementing software security upgrades to future versions.
- The identification, documentation and mitigation of cybersecurity vulnerabilities using the Risk Management Process (RMF)
- Providing robust implementation of good security practices and technical insight on remediation of cybersecurity concerns via direct interaction with the software development team.
- The position requires daily interaction with the MCE leadership and Software Engineering teams to review security design requirements, evaluate proposed technical solutions for remediation of software vulnerabilities, and verify implementation of security updates for sustaining the current and future MCE systems.
Understanding of the following:
- EMASS (Enterprise Mission Assurance Security System)
- ACAS (Assured Compliance Assessment Scanner)
- STIGs (Security Technical Implementation Guides)
- HBSS (Host Based Security Solution)
- IAVMs ( Information Assurance Vulnerability Management)
- CVE’s (Common Vulnerabilities and Exposures; per MITRE/SANS
- CWE’s (Common Weakness Enumeration), per MITRE/SANS
- US-CERT Secure Coding Standards
REQUIRED EDUCATION AND EXPERIENCE:
Bachelors and five (5) years or more experience; Masters and three (3) years or more experience; PhD and 0 years related experience; years of experience can be used in lieu of degree
- Must be eligible for Secret Security Clearance; prefer Active clearance
- Experience and proficiency with at least 1 of the following operating systems: Windows 7, 10; Linux (Red Hat 6 or 7 preferred); and/or Android-based systems.
- Experience with the DoD Risk Management Framework (RMF) and the accreditation process for DoD systems, based on NIST 800-53 and DoDI 8510.01
- User-level experience with EMASS as an ISSO/ISM/SO
- DoD 8570.01 Workforce Certification at the IAM Level II (CAP, CASP, CISM, CISSP, or GSLC certification)
- Experience with software design and testing, and commercial network scanning tools will be helpful. (Wireshark, Nmap, Tenable Nessus, Fortify Code Analyzer, or similar)
- Programming experience with C++, Java, Python, or similar languages.
- Experience with the US Army in general (member of any operational unit at the brigade level or below will be helpful to understand deployment and implementation of JBC-P tactical software)
SAIC is a premier technology integrator solving our nation's most complex modernization and readiness challenges. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes high-end solutions in engineering, IT, and mission solutions. Using our expertise in existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions.
We are 23,000 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, Virginia, SAIC has pro forma annual revenues of nearly $6.5 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom. For SAIC benefits information, see Working at SAIC. EOE AA M/F/Vet/Disability