Join our Talent Network >

Security Manager

This job posting is no longer active.

Job ID: 216882
Location: STERLING, VA, United States
Date Posted: Jun 14, 2021
Category: Cyber
Subcategory: Cyber Engineer
Schedule: Full-time
Shift: Day Job
Travel: Yes, 10 % of the Time
Minimum Clearance Required: None
Clearance Level Must Be Able to Obtain: Public Trust
Potential for Remote Work: No
Benefits: Click here

Share: mail

Job Description

Description

SAIC is seeking a Senior Security Engineer to join our team.
 
Position Summary
SAIC is seeking a Senior Security Engineer to join our team. Your Role is to act as a Senior Technical Resource and Mentor for the Team. 
Essential duties of this position include:
·    Proactive Threat Intel and Vulnerability Management:  Track threat actors and associated tactics, techniques, and procedures (TTPs) as well as Service Tower Supplier Patching efforts
·    Work as a member of the team to guide collaborative efforts working with Service Tower Suppliers and Customers to develop plans for the integration of supplier processes into the Risk, Vulnerability, and Threat Management Program
·    Participate in team efforts to guide development and maintenance of operational and technical guidance and oversight for the Vulnerability, and Threat Management tools and procedures
·    Participate in team efforts to align Risk, Vulnerability, and Threat Management as Process Owner for Operational Security Processes (Cross-Functional) related to the individual Service Tower Supplier's responsibilities
·    Coordinate with Service Tower Supplier POC's to ensure Processes are maintained and updated on a regular basis
·    Collaborate to design, test, and implement secure operating systems, networks and security monitoring systems
·    Oversee risk and vulnerability assessment at the network, system and application level
·    Conducts threat modeling exercises. Develops and implements security control recommendations and formulates operational risk mitigations along with assisting in security awareness programs
·    Initiate and remain engaged throughout a wide range of security projects including architectures, firewalls, electronic data traffic, and network access
·    Researches, evaluates and recommends new security tools, techniques, and technologies and introduces them to the enterprise in alignment with IT security strategy
·    Utilizes COTS/GOTS and custom tools and processes/procedures in order to scan, identify, contain, mitigate and remediate vulnerabilities, and intrusions
·    Performs analyses to validate established security requirements and to recommend additional security requirements and safeguards
·    Supports the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports
·    Periodically conducts a review of each system's audits and monitors corrective actions until all actions are closed
·    May support cyber metrics development, maintenance and reporting
·    May provide briefings to senior staff
The Cybersecurity Analyst Senior Principal performs a critical management role ensuring that the technology underpinning supporting IT support processes and workflows are working effectively, reliably, and efficiently to meet service objectives and customer expectations. You will have the opportunity to solve complex problems, coordinate with multiple suppliers, and optimize processes through automation. This position offers the chance to research and analyze cybersecurity capabilities to satisfy data protection requirements. The Cybersecurity Analyst Senior Principal will also play a key role in representing current capabilities, and support development of future capabilities of supporting ITSM tools.  This is a key concept in contributing to a long-term strategy using operational and tactical activities paving the way for continual improvement of the environment to meet security objectives for a satisfying customer experience.

Qualifications

Background / Experience 
·    Provides primary expertise for Risks related to Vulnerability Management and handling of, based on NIST processes
·    Provides the ability to create, and maintain processes and procedures to support a robust Vulnerability Management program
·    Provides support to plan, coordinate, and implement tactical response to improve the organization's information security posture
·    Supports Team efforts of colleagues to design, develop, engineer and implement solutions to meet security requirements
·    Supports the implementation and maintenance of the MSI security detection protocols
·    Gathers and organizes technical information about existing security products, and ongoing programs
·    A working knowledge of security practices and procedures; knowledge of current security tools available; hardware/software security implementation; different communication protocols; encryption techniques/tools; familiarity with commercial products, current Internet/EC technology, and open source methodologies
·    Provide support for monitoring events and ongoing maintenance activities
·    Working Knowledge and understanding of management tools used to detect most anomalies within the infrastructure
·    Strong attention to detail and organizational skills
·    Demonstrated previous leadership, deep technical risk analysis, understanding of engineering and architectural system design concepts
·    Ability to write and verbally communicate information security and risk-related concepts effectively to both technical and non- technical audiences
·    Must have strong problem- solving and analytical skills and demonstrate poise and ability to act calmly and competently in high-pressure, high-stress situations
·    Experience managing Risks related to Patching and Vulnerability Management across multiple suppliers, customers, technologies, and processes
·    Support the development of cybersecurity technical roadmaps and documentation to drive continual services and cyber transformation and improvements for the MSI Program
·    Collaborate using networks and professional relationships to achieve common goals
·    Be a cybersecurity leader, and provide mentorship for less experienced cybersecurity practitioners

Education / Certifications 
·    Bachelors in Information Systems, Computer Science, Information Security or related IT field and 13+ years of related experience; Masters and 11+ years of related experience. PhD or JD and 8+ years or more experience may be considered with 3+ years relevant risk assessment, information security or analytical experience

·    Must have at least 5 years of direct IT Security experience 
·    Working knowledge of Security Standards/Controls specified under various IT governance and compliance models (NIST, ISO 27001&27002, ITIL, SOX, and DFARS/FARS). This includes Applications and Systems Development Security, Security Management Practices, Access Control, Security Architecture and Modeling, Telecommunications, Network Security, Cryptography (PKI), Operations Security, and Physical Security Controls Experience in security hardening and firewall configurations that reflect best practice secure settings based on industry benchmark and / or exceptions that minimize risk to the security and enable business
·    Fundamental technical knowledge of Active Directory, Windows and Linux OSes, VMWare, SDDC and Virtual firewalls, networks, Oracle, SQL, stored procedures, scripts and reports. Experienced with: Linux, Unix, and multiple MS Office products including SharePoint
·    Solid understanding and technical knowledge of common cybersecurity engineering, architecture and design and principles
·    Experience acting as a Subject Matter Expert or team lead providing guidance to others
·    Demonstrate success leading and conducting senior level security risk analysis. Specifically, threat modeling involving system decomposition, threat and vulnerability discovery and mitigation
·    Possess security certification preferred, such as (CISM, CISSP, CSSP Incident Responder Certification)
Other
 
·    Proven ability to work with cross-functional teams
·    Strong communication skills; person in this role must be able to successfully communicate with management personnel, technical personnel, the customer, and third parties
·    Self-starter and Team contributor; must be able to perform in a Team environment, and with tasked with a priority to complete with limited or no supervision
·    Possesses strong drive and initiative, matured development of listening skills
·    Demonstrate timely task completion involving solid organizational skills, task tracking, and follow-up, and productive peer interaction
·    Possess strong technical writing, verbal and presentation skills especially when communicating with other internal SAIC business units, Project Managers, Executives, and Peer Review working groups
·    Provide feedback on internal processes required to help train and mentor other less seasoned security practitioners as needed
·    Familiarity with common cybersecurity COTS products and their integration in a large enterprise environment




Overview

SAIC is a premier technology integrator solving our nation's modernization and readiness challenges. Our offerings across defense, space, civilian, and intelligence markets include high-end solutions in engineering, IT, and mission outcomes. We integrate the best components from our portfolio with our partner's ecosystem to deliver innovative and effective solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, VA, SAIC has annual revenues of nearly $7.1 billion. For information, visit saic.com or Working at SAIC for benefits details. SAIC is an Equal Opportunity Employer empowering people no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status. We strive to create a diverse, inclusive and respectful work culture that values all.

Share: mail