SAIC is seeking a remote Cybersecurity Engineer for the Cloud One program under the Air Force Lifecycle Management Center Office for Network Integration (AFLCMC/HNI). The Cloud One Common Computing Environment is an existing global, interconnected, virtualized, hybrid, and IT infrastructure hosting mission systems, applications, services, and data that will serve the U.S. Air Force (USAF). Cloud One incorporates the capabilities of commercial cloud and Managed Service Providers (MSP) residing in Cloud Service Providers (CSPs). Cloud One facilitates the USAF efforts to migrate applications to a cloud environment, allowing the closure of on-premise data centers.
Responsibilities may include:
- Architecting, planning, configuring, deploying, maintaining, and upgrading COTS/GOTS and custom toolsets to address vulnerabilities and/or implement security controls. Applies a combination of expert engineering knowledge of enterprise IT and security solutions to design, develop and/or implement solutions to ensure they are consistent with enterprise architecture security policies. Includes security control design and solution planning at the system, mission, and enterprise level, security-in-depth/defense-in-depth, and other related IAM/ISSO/ISSE support functions. Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access.
- Assisting in the management of multiple ATOs including required documentation, RMF artifact updates, security scanning and ACAS via Tenable Security Center
- Assessing the data Impact Level (IL) of migrating applications in accordance with the DoD Cloud Computing Security Requirements Guide (SRG).
- Providing automated application of DoD-hardened STIG for platforms and application configurations
- Working with the government to implement and evolve phased ATO process for the environment using A&A automation and maximize the use of inheritance/reciprocity
- Developing approaches support strong authentication and multi-factor authentication to implement data access authorization based on user identity
- Implementing and providing a method of verification of the applicable DISA STIG, SRGs, and best practices
REQUIRED EDUCATION AND EXPERIENCE:
- Bachelors and nine (9) years or more experience; Masters and seven (7) years or more experience; In lieu of a degree an additional four (4) years of experience is required
- Minimum Information Assurance System Architecture and Engineering (IASAE) Level II certified IAW DoD 8570.01M
- Compliant with DoD and USAF training requirements in DoD 8570.01, DoD 8570.01-M, and AFMAN 17-1303.
- Knowledge of DoD Policies and procedures including DoD 8500.01 and DoD 8510.01.
- Experience with Risk Management Framework (RMF) and updating of security artifacts, and eMASS
- Experience with compliance verification methods including DISA STIG, SRGs, and best practices
DESIRED EDUCATION AND EXPERIENCE
- Experience with DevSecOps
- Knowledge of the DoD suite of security tools including ACAS, ESS/HBSS,.
- Knowledge of cloud environments provided by AWS and Azure
- Working knowledge of Microsoft Office Suite including Microsoft Visio
- Working knowledge of STIGviewer and Vulnerator tools
- Active Interim Secret Clearance with the ability to obtain a Secret SSBI.
SAIC is a premier technology integrator solving our nation's modernization and readiness challenges. Our offerings across defense, space, civilian, and intelligence markets include high-end solutions in engineering, IT, and mission outcomes. We integrate the best components from our portfolio with our partner's ecosystem to deliver innovative and effective solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, VA, SAIC has annual revenues of nearly $7.1 billion. For information, visit saic.com or Working at SAIC for benefits details. SAIC is an Equal Opportunity Employer empowering people no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status. We strive to create a diverse, inclusive and respectful work culture that values all.