SAIC is looking for a highly motivated and experienced Cloud Security Engineer to support DoD programs by executing RMF and NIST processes to expedite customer accreditation of virtualized and cloud solutions. The selected candidate will possess expertise in RMF, NIST, and accreditation analysis, implementation, documentation, and execution. The selected candidate will be competent in DevSecOps, automation, and cloud service continuous accreditation, monitoring, auditing, and reporting.
This position is contingent on funding and is anticipated to start in January 2022.
- Receives direction from Multi-Domain Solutions Architect.
- Evaluates, documents, and integrates required security controls for cloud and virtualization technologies.
- Develops automation for efficient deployment and auditing of security controls.
- Lead ongoing modernization of security and compliance.
- Maintains technical expertise relevant to securing customer workloads distributed across private and public cloud services.
- Evaluates new cloud and virtualization technologies for security and applicability.
- Automate security configuration management, auditing, and reporting.
- Ensure solution development follows the RMF 6-step process IAW DoDI 8510.01.
- Determine the required levels of Confidentiality, Integrity, and Availability for the systems under development and select appropriate controls.
- Develop, manage, and update System Security Plan and assessment and authorizations packages and provide any change to the ISSM or designee.
- Deliver RMF artifacts to the ISSM for inclusion in RMF packages.
- Assist the Government/ISSM in reviewing all cybersecurity documents as required for RMF process.
- Manage matrix of applicable DISA Security Technical Implementation Guides (STIGs) for portfolio solutions.
- Integrate with other technical leads to provide security insight and integration throughout solution lifecycle.
- Execute continuous scanning of deployed solutions.
- Manage POA&Ms.
- Assess and report cybersecurity risks through RMF processes.
- Develop mitigations and corrective actions for identified risks.
- Works on unusually complex technical problems and provides highly innovative and creative solutions.
- Acts as advisor to management and customers on advanced security topics.
- Works under consultative direction toward pre-determined long-range goals and objectives.
- Participates with senior managers to establish strategic plans and objectives.
- Remains abreast of the newest cloud security standards, architectures, best practices.
EDUCATION AND EXPERIENCE:
- BA/BS cybersecurity or related IT, System Engineering, or STEM degree. Additional four (4) years experience may be substituted for degree.
- Minimum (5) years of NIST controls implementation is required
- Minimum (5) years of RMF leadership experience is required
- Minimum (5) years of DoD security hardening and accreditation experience is required
- Minimum (5) years of executing information systems security assessments
- Expert level knowledge and hands on experience with Cloud Scripting and Automation is required
- Experience with ACAS is required
- Experience with NESSUS is required
- Experience with Splunk is required
- Experience with Agile Software Development Lifecycle (SDLC)
- Experience with DevOps/DevSecOps
- Experience with at least one other Cloud platform (AWS, GCP, etc.)
- Strong interpersonal and communication skills (verbal and written)
- DoD 8570.01-m IAM Level II (CAP, CASP+ CE, CISM, CISSP (or Associate), GSLC, CCISO) or higher (CISM, CISSP (or Associate), GSLC, CCISO)
- Active DoD Secret (or above) clearance is required
- Able to obtain up to a Top Secret level DoD clearance upon request
COVID Policy: Prospective and/or new employees are required to adhere with SAIC's vaccination policy. All SAIC employees must be fully vaccinated and they must submit proof of vaccination on their first day of employment. Prospective or new employees may seek an exemption to the vaccination requirement at Contact Us
and must have an approved exemption prior to the start of their employment. Where work is performed strictly at a customer site, customer site vaccination requirements preempt SAIC's vaccination policy.
SAIC® is a premier Fortune 500® technology integrator driving our nation's technology transformation. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes secure high-end solutions in engineering, digital, artificial intelligence, and mission solutions. Using our expertise and understanding of existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions that are critical to achieving our customers' missions.
We are more than 26,500 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer, fostering a respectful work culture based on diversity, equity, and inclusion that values all contributors. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.1 billion. For more information, visit saic.com.