Job ID: 202124
Location: HERNDON, VA, United States
Date Posted: Jul 8, 2020
Subcategory: Cyber Sec Analyst
Shift: Day Job
Travel: Yes, 25 % of the Time
Minimum Clearance Required: TS/SCI with Poly
Clearance Level Must Be Able to Obtain: None
Potential for Remote Work: No
SAIC is seeking a Senior Cyber Security Analyst, serving as a Blue Team (BT) Vulnerability Assessment Team Lead (ATL). Lead the coordination and collaboration of vulnerability assessments. Ensure team composition supports all aspects of the assessment scope. Also supports creation of cyber metrics development, maintenance and reporting process and procedures. Ensure applicable Blue Team Vulnerability Assessment discipline is achieved, while leveraging customer/contractual Vulnerability Assessment Process Framework to include documentation creation and review, resource loading assessment schedules, and documenting risks/issues. Provide briefings to senior staff officers and government officials as necessary. Works on unusually complex technical problems and provides solutions which are highly innovative and creative. Also serves as advisor to management and customers on advanced technical research and development (R&D) studies and applications as requested.
Perform analyses to validate established security controls and requirements are met and recommend additional security requirements and safeguards. Conduct “Blue Team” risk and vulnerability assessments at the network, system and application levels. Conduct threat modeling exercises and assist in a wide range of security issues including vulnerability assessments of architectures, firewalls, electronic data traffic, and network access controls. Utilizes COTS/GOTS and custom tools and processes/procedures in order to scan, identify, contain, and mitigate vulnerabilities, and intrusions.
Design, test and implement secure operating systems, networks, security monitoring, tuning and management of IT security systems and applications, incident response, digital forensics, loss prevention, and eDiscovery actions.
Recommend additional security requirements and safeguards as needed. Support cyber metrics development, maintenance and reporting procedures. Assist in the implementation of the required government policy (i.e., ICD 503, NISPOM and NIST- RMF), and makes recommendations on process tailoring.
Research, evaluate and recommend new security tools, techniques, and technologies and introduces them to the enterprise in alignment with IT security strategy.
Support formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports. Periodically conducting reviews of various system's audits and monitors corrective actions until all actions are closed.
Participates with senior managers to establish strategic plans and objectives. Apply advanced technical principles, theories, and concepts. Contribute to development of new principles and concepts. Recommend/makes decisions on administrative or project work matters and ensures effective achievement of program, project, or organizational objectives.
PROBLEM COMPLEXITY: Works on unusually complex technical problems and provides solutions which are highly innovative and ingenious.
FREEDOM TO ACT: Works under consultative direction toward pre-determined long-range goals and objectives. Assignments are often self-initiated. Determine and pursue courses of action necessary to obtain desired results. Work checked through consultation and agreement with others rather than by formal review of supervisor. Exercises independent judgment in methods, techniques and evaluation criteria for obtaining results.
IMPACT: Develops advanced technological ideas and guides their development into a final product.
LIAISON: Serves as organization spokesperson on advanced projects and/or programs. Acts as advisor to management and customers on advanced technical research studies and applications.
Bachelors and fourteen (14) years or more experience;
Masters and twelve (12) years or more experience;
PhD or JD and nine (9) years or more experience in a Technology, IT, or Cybersecurity field.
DoD Directive 8570 / 8140 IAT/IAM III or IASE Level II Certification
Active Top Secret clearance
ISACA Certified Information Systems Auditor (CISA)
EC-Council Certified Ethical Hacker (CEH)
SANs GIAC certification ( e.g., GPEN or GW APT)
Offensive-Security Certified Professional (OSCP)
Experience with Cyber threat methodologies
SAIC is a premier technology integrator solving our nation's most complex modernization and readiness challenges. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes high-end solutions in engineering, IT, and mission solutions. Using our expertise in existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, Virginia, SAIC has pro forma annual revenues of nearly $7.1 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom. For SAIC benefits information, see Working at SAIC. EOE AA M/F/Vet/Disability