SAIC is seeking a Security Engineer to support the ITO Cyber Engineering & Architecture team. This position can be worked remotely nationwide.
This position will report to the Cyber Security Engineering & Architecture Manager. This role is a key business enabler and will provide information on security risk analysis and strategic recommendations for the ongoing improvement of Information Security within the organization. The candidate should have deep and extensive security, data, infrastructure, DevOps and operational experience. This position will require expert engineering knowledge of enterprise IT and security solutions to design, develop and/or implement solutions to ensure they are consistent with enterprise architecture security policies. This is critical to the success of the organization by providing high confidence in understanding the attack surface of our infrastructure. This position includes security control design and solution planning at the system, mission, and enterprise level, security-in-depth/defense-in-depth, and other related IAM/ISSO/ISSE support functions. The candidate will be Involved in a wide range of security issues including, but not limited to, architecture, firewalls, data traffic, and network access.
- Drive security implementation across several enterprise platforms and applications to ensure ITO Cyber standards are met.
- Provide security guidance and oversight to the SAIC ITO DEVOPs teams.
- Provide security guidance and oversight for SAIC ITO Cloud security in highly regulated Cloud SaaS, IaaS, and PaaS environments.
- Provide security guidance and oversight to SAIC ITO integrations, projects, programs, mergers & acquisitions, teams.
- Support Cyber Engineering & Architecture efforts and Cyber Roadmap development and maturation.
- Perform detailed system analysis and develop recommendations for improvement of the SAIC Cyber posture.
- Bachelor’s degree and five (5) years or more experience
- Master’s degree and three (3) years or more experience
- PhD and 0 years of related experience
- Relevant experience in lieu of degree is acceptable
- Knowledge of vulnerabilities in various operating systems, databases and networks in relation to hardening, configuration, deployment and administration.
- Possesses strong understanding of networking concepts & network security architecture; common operating systems, including Windows, Mac OS, Linux, UNIX; and mobile device platforms including Android and iOS.
- Knowledge of industry standards relating to Vulnerability Management including Common Vulnerabilities and Exposures (CVE), Common Vulnerability Scoring System (CVSS) and Open Web Application Security Project (OWASP).
- Knowledge of Security Standards/Controls specified under various IT governance and compliance models (NIST, HIPAA, PCI, GDPR, ISO 27001/27002).
- Knowledge of NIST Security Engineering methodology, Cyber Maturity Model Certification, (CMMC), and Defense Contract Management Agency (DCMA) requirements.
- Knowledge of technology and security topics including operating systems, network security, protocols, application security, infrastructure hardening and security baselines.
- Demonstrated experience working with senior management on highly sensitive projects that require the utmost discretion and maintaining strict confidentiality on all data, records, and tasks as required.
- Ability to communicate detailed security issues to peers and management.
- Demonstrated ability to work in a fast-paced, deadline driven environment.
- Demonstrated excellence in a variety of competencies including teamwork/collaboration, analytical thinking, communication and influencing skills, and technical expertise.
- Maintain roadmaps, which include product selection, versions, upgrades, projects and milestones.
- Recommend and implement appropriate security tools to enhance security posture.
- Customer service-oriented team player; the ability to provide guidance and support to subordinates and other team members.
- Excellent written and verbal communication skills.
- Organizational skills; the ability to multitask; attention to detail.
- Possession of industry certifications highly preferred including, but not limited to, COMPTIA Advanced Security Practitioner, Security+, and Certified Information Systems Security Professional (CISSP).
Target salary range: $75,001 - $100,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
SAIC is a premier technology integrator solving our nation's modernization and readiness challenges. Our offerings across defense, space, civilian, and intelligence markets include high-end solutions in engineering, IT, and mission outcomes. We integrate the best components from our portfolio with our partner's ecosystem to deliver innovative and effective solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, VA, SAIC has annual revenues of nearly $7.1 billion. For information, visit saic.com or Working at SAIC for benefits details. SAIC is an Equal Opportunity Employer empowering people no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status. We strive to create a diverse, inclusive and respectful work culture that values all.