SAIC is seeking a Cyber Security Engineer to develop and implement security controls to preserve the confidentiality, integrity and availability of information systems. He/She will be required to produce artifacts for certifications and accreditations submissions in accordance with Sponsor’s regulations by utilizing the Sponsor’s Risk Management Framework (RMF) to successfully obtain system accreditation. Cyber Security Engineer will also evaluate requirements, select/implement security controls, review installation procedures, conduct verification and validation of test procedures and script changes, tailor and configure security controls for specific product using automation, security assessment plan preparation, test procedure preparation, test execution and reporting, performing security vulnerability assessments.
Job Duties Include:
- Analyze systems, including forensically, for malware, misuse, and/or unauthorized activity
- Investigate virus/malware alerts/incidents to determine root cause, entry point of code, damage risk, and report this information
- Investigate and analyze of all data sources, to include Internet, Intelligence Community reporting, security events, firewall logs, forensic hard-drive images, and other data sources to identify malware, misuse, unauthorized activity or other cyber security related concerns
- Monitor, document, and respond to collected security alerts
- Participate in project review meetings and provide technical cyber security guidance when necessary
- Design, test, and integrate new security products as directed by the Sponsor
- Ensure all network defense capabilities are kept current, patched, and securely configured and management informed of status
- Integrate security products, including designs for all Sponsor networks
- Maintain system baselines and configuration management items, including security event monitoring policies in a manner determined and agreed to by the Sponsor
- Stay abreast Sponsor’s directives, regulations, guidance, notices and standards on cybersecurity
- Have detailed knowledge of Intelligence Community Directives (ICDs) related to cybersecurity, at a minimum, ICD 503.
- Validate that product deliveries meet customer requirements and drive product demos
- Participate in backlog grooming sessions and internal demos
- Proactively contribute to the quality of the product by seeking and proposing new or alternate approaches to address the requirements
- Must have an active/current TS/SCI with Polygraph.
- Bachelor’s degree or equivalent years and 5+ year of experience in Sponsor’s accreditation process
- Understanding and experience using the Risk Management Framework (RMF) to apply security controls and assess security risk profile
- Proficient in Windows and Linux operating systems
- Working knowledge of current COTS security scanning & monitoring tools (Nessus, Splunk, etc)
- Working knowledge of database and operating system security
- Understanding of latest security principles, techniques, and protocols
- Experience in Agile-based software delivery, including leading Agile ceremonies
- Strong experience with JIRA and Confluence, and the rest of the Atlassian suite
- Experience with cybersecurity controls into DevOps Continuous Integration/Continuous Deployment (CI/CD) pipeline
- Working knowledge of database engineering or ETL concepts.
- Working knowledge of DevOps, CI/CD and Test Automation.
SAIC is a premier technology integrator solving our nation's modernization and readiness challenges. Our offerings across defense, space, civilian, and intelligence markets include high-end solutions in engineering, IT, and mission outcomes. We integrate the best components from our portfolio with our partner's ecosystem to deliver innovative and effective solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, VA, SAIC has annual revenues of nearly $7.1 billion. For information, visit saic.com or Working at SAIC for benefits details. SAIC is an Equal Opportunity Employer empowering people no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status. We strive to create a diverse, inclusive and respectful work culture that values all.