Cyber Lead

Job Description

Description

SAIC is seeking an experienced individual to join SAIC’s team, in support of the U.S. Southern Command’s Cyber IT Enterprise Services (SCITES), to help provide our Nation for contingency planning, operations, and security operations to Central America, South America, the Caribbean areas.

The candidate selected for this position shall:

• Provide correlation and analysis of cyberspace incident reports derived from reliable sources, network sensors, vulnerability management devices, open source information, and Industry/ Government provided situational awareness of known adversary activities

• Apply expert knowledge of Named Areas of Interest (NAI) and advanced persistent threats to review, analyze, and maintain the content of an indicator database to aid in the detection and mitigation of threat activity

• Utilize COTS/GOTS analyses tool and expert knowledge to provide threat detection analysis and monitoring, correlation, and prevention of cyber threat activity targeting the customer network.  This task requires technical knowledge on the utilization of government and industry capabilities, best security practices, advanced log analysis, forensics, network monitoring, network flow analysis, packet capture analysis, network proxies, firewalls, and anti-virus capabilities. Additionally, this task requires technical knowledge of forensics analysis to determine adversary methods of exploiting information system security controls, the use of malicious logic, and the lifecycle of network threats and attack vectors

• Produce reports on the unique TTPs utilized and conduct incident handling/triage, network analysis and threat detection, trend analysis, metric development, and security vulnerability information dissemination

• Be able to assist the customer with developing metrics and trending/analysis reports of malicious activity and develop signatures for threat detection

• Apply advanced technical principles, theories, and concepts

• Contribute to development of new principles and concepts

• Participate with senior managers to establish strategic plans and objectives

• Recommend/make decisions on administrative or project work matters and ensures effective achievement of program, project, or organizational objectives

• Work under consultative direction toward pre-determined long-range goals and objectives.  Assignments are often self-initiated

• Determine and pursue courses of action necessary to obtain desired results

• Work checked through consultation and agreement with others rather than by formal review of supervisor

• Exercise independent judgment in methods, techniques and evaluation criteria for obtaining results

• Serve as organization spokesperson on advanced projects and/or programs

• Act as advisor to management and customers on advanced technical research studies and applications

• Apply a combination of expert engineering knowledge of enterprise IT and security solutions to design, develop and/or implement solutions to ensure they are consistent with enterprise architecture security policies and support full spectrum military cyberspace operations

• Design, test, and implement secure operating systems, networks, security monitoring, tuning and management of IT security systems and applications, incident response, digital forensics, loss prevention, and eDiscovery actions

• Lead as a senior technical staff dedicated to transforming customer environments into a more secure operating environment in a holistic manner 

• Primary technical responsibility for all Cybersecurity work efforts and all cyber and IT security requirements

• Provide oversight and management of all technical personnel working within security section conducting the following activities:

  • Engineering, analysis and trade studies leading to recommendations for project investments to improve satellite ground systems cybersecurity

  • Information and Cybersecurity supporting sustainment and cyber projects, including Security Continuous Monitoring and Situation Awareness, Cyber Security Awareness & Training, and Cyber Security Assessment & Authorization

  • Provides guidance and assistance for IT security to include implementation of software patches, IAVAs, STIGs for both operating systems and applications

  • Respond to and execute against Plan of Action and Milestones (POA&M) issued by customer or security oversight contractor

  • Initiate specific cybersecurity training programs as required

  • Requires strong written and verbal presentation skills including formal and informal presentation of work and assessments to critical audience

Qualifications

• BS or equivalent experience
• Certifications

  • Must meet the requirements of DoD 8570.01M, CSSP Manager – CISM, CISSP-ISSMP, CCISO

• Top Secret Clearance

• 10 years of experience in information technology solutions, operations and maintenance of networked infrastructures, Cyber/IT solutions

• Knowledge of , Risk Management Framework (NIST SP 800-37Rev2), Vulnerability Scanning/Analysis/Reporting, Security Controls Assessment (SCAs), Penetration Testing, CSAM, Security Engineering, Security Solution Architecting

• Work location Doral, Florida

Desired Qualifications

Overview

SAIC is a premier technology integrator solving our nation's most complex modernization and readiness challenges. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes high-end solutions in engineering, IT, and mission solutions. Using our expertise in existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions. We are 23,000 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, Virginia, SAIC has pro forma annual revenues of nearly $6.5 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom. For SAIC benefits information, see Working at SAIC. EOE AA M/F/Vet/Disability