SAIC is seeking a remote Cyber Security Engineer for
the Cloud One program under the Air Force Lifecycle Management Center Office
for Network Integration (AFLCMC/HNI). The Cloud One Common Computing
Environment is an existing global, interconnected, virtualized, hybrid, and IT
infrastructure hosting mission systems, applications, services, and data that
will serve the U.S. Air Force (USAF) and U.S. Army (USA). Cloud One
incorporates the capabilities of commercial cloud and Managed Service Providers
(MSP) residing in Cloud Service Providers (CSPs). Cloud One facilitates the
USAF and USA’s efforts to migrate applications to a cloud environment, allowing
the closure of data centers to support the Data Center Optimization Initiative
(DCOI) and allowing for increased efficiencies across the entire spectrum of
the USAF and USA's IT operations. The candidate for this position may work
anywhere in the United States. There is no requirement to work at a SAIC or
customer site to support Cloud One.
The candidate for this position:
- Architects, plans, configures, deploys,
maintains, and upgrades COTS/GOTS and custom toolsets to address
vulnerabilities and/or implement security controls. Applies a
combination of expert engineering knowledge of enterprise IT and security solutions
to design, develop and/or implement solutions to ensure they are consistent
with enterprise architecture security policies and support full spectrum
military cyberspace operations. Designs, tests, and implements secure operating
systems, networks, security monitoring, tuning and management of IT security
systems and applications, incident response, digital forensics, loss
prevention, and eDiscovery actions. Includes security control design and
solution planning at the system, mission, and enterprise level,
security-in-depth/defense-in-depth, and other related IAM/ISSO/ISSE support
functions. Involved in a wide range of security issues including
architectures, firewalls, electronic data traffic, and network access.
Researches and evaluates cyber capabilities and new security tools and products
against operational requirements and introduces them to the enterprise in
alignment with IT security strategy, and to support the offensive and defensive
capability design and troubleshoot and problem solve technical and
non-technical issues. . At the Leadership level this is senior technical
staff dedicated to transforming customer environments into a more secure
operating environment in a holistic manner.
- Problem Complexity: Develops technical solutions to complex problems which
require the regular use of ingenuity and creativity.
- Impact: Guides the
successful completion of major programs. Erroneous decisions or
recommendations would typically result in failure to achieve major
- Liaison: Represents
organization as prime technical contact on contracts and projects.
Interacts with senior external personnel on significant technical matters often
requiring coordination between organizations.
Specific duties include:
- Assist in assessing the data Impact Level (IL)
of migrating applications in accordance with the DoD Cloud Computing Security
Requirements Guide (SRG).
- Provide automated application of DoD-hardened
STIG for platforms and application configurations
- Work with the government to implement and evolve
phased ATO process for the environment using A&A automation and maximize
the use of inheritance/reciprocity
- Develop approaches support strong authentication
and multi-factor authentication to implement data access authorization based on
- Implement and provide a method of verification
of the applicable DISA STIG, SRGs, and best practices
- Provide Tier 3 Cyber Security Service Provider
(CSSP) support, as well as interface with and meet requirements of the Tier 2
CSSP support providers
- Ability to provide timely remediation
recommendations for audit findings
- Ability to support POA&M reviews and
- Ability to support Code Review Security
- Ability to support the updates to Risk
Management Framework Artifacts
- Ability to create a Microsoft Visio based
topology diagram template.
REQUIRED EDUCATION AND EXPERIENCE
- Bachelors and nine (9) years or more experience;
Masters and seven (7) years or more experience; PhD or JD and four (4) years or
more experience. In lieu of a degree an additional four (4) years of experience
- Minimum Information Assurance System
Architecture and Engineering (IASAE) Level II certified IAW DoD 8570.01M
- Compliant with DoD and USAF training
requirements in DoDD 8570.01, DoD 8570.01-M, and AFMAN 17-1303.
- Knowledge of DoD Policies and procedures including
DoD 8500.01 and DoD 8510.01.
- Experience with Risk Management Framework (RMF)
and updating of security artifacts
- Experience with compliance verification methods
including DISA STIG, SRGs, and best practices
- Experience with DevSecOps
- Knowledge of the DoD suite of security tools
including ACAS, HBSS, and eMASS.
- Knowledge of cloud environments provided by AWS
- Working knowledge of Microsoft Office Suite
including Microsoft Visio
SAIC is a premier technology integrator solving our nation's most complex modernization and readiness challenges. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes high-end solutions in engineering, IT, and mission solutions. Using our expertise in existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions.
We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, Virginia, SAIC has pro forma annual revenues of nearly $7.1 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom. For SAIC benefits information, see Working at SAIC. EOE AA M/F/Vet/Disability