SAIC is looking for a Lead Cybersecurity Engineer; this is a contingent position that will be remote based. SAIC will provide support services to meet the strategic goals consistent with federal regulations, Department of Health and Human Services (HHS) policies and industry best practices, all while promoting and protecting public health.
- Provide 24x7x365 monitoring of all security devices, sensors, web proxies, endpoint encryption and security environment, antivirus and antimalware environment, federated authentication services environment, proxy auditing and inspection environment, PKI, and network/host based firewalls to detect real or possible security events.
- Upon identification of security events, escalate to SMC for immediate troubleshooting and remediation.
- Utilize Government Furnished Equipment (GFE)/Contractor Acquired Property (CAP) forensic tools to obtain evidence that adheres to standards admissible in a court of law in support of incident response teams.
- Review/correlate information from security clearing-houses and cooperative network security communities on the latest security trends and cyber threats and disseminate the collected intelligence to security stakeholders.
- Develop a security infrastructure baseline; maintain up-to-date signature levels and tuning of intrusion detection system (IDS) and other network security based toolsets; and report detected anomalies to the SMC Watch Officer.
- Provide 24x7x365 coverage (minimum of one Tier 3 and one Tier 1 analyst) for the SMC to provide users the ability to contact security staff about suspected security problems.
- Respond to and track all workstation and server image hash integrity failure notifications from the image creation and deployment groups and escalate to SMC Watch Officer for remediation.
- Monitor NAC security events both in real time and in audit logs daily, and escalate to the appropriate Security Operations personnel when a NAC security event requires remediation.
- Monitor and review audit logs collected within the Security Incident and Event Management (SIEM) system daily for indications of inappropriate or unusual activity and report findings to the SMC Watch Officer.
- Create, manage, and maintain an SOP, installation guide, and CONOPS.
- Enable and disable accounts and hosts as a result of security-related events or incidents in near real-time.
- Develop, maintain, update, store and distribute ad-hoc reports as requested (i.e. computer security incidents, events, issues, service tickets).
Bachelor's and five (5) years or more experience; Master's and three (3) years or more experience; PhD and 0 years related experience.
- CCNA or CISSP certification
- Any additional certifications: Security+, Data Encryption, cyber tools, i.e., Splunk, SolarWinds, Nessus, NetApp, McAfee, etc.
- Ability to obtain and maintain a SECRET clearance
SAIC is a premier technology integrator solving our nation's modernization and readiness challenges. Our offerings across defense, space, civilian, and intelligence markets include high-end solutions in engineering, IT, and mission outcomes. We integrate the best components from our portfolio with our partner's ecosystem to deliver innovative and effective solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, VA, SAIC has annual revenues of nearly $7.1 billion. For information, visit saic.com or Working at SAIC for benefits details.
SAIC is an Equal Opportunity Employer empowering people no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status. We strive to create a diverse, inclusive and respectful work culture that values all.