Lead Cyber Security Engineer

  • SAIC, Inc
  • Chantilly, VA, USA
  • Jun 18, 2021

Job Description

Description

SAIC is seeking a Lead Cyber Security Engineer to manage a team of cyber security engineers to develop and implement security controls to preserve the confidentiality, integrity and availability of information systems.  He/She will be required to produce artifacts for certifications and accreditations submissions in accordance with Sponsor’s regulations by utilizing the Sponsor’s Risk Management Framework (RMF) to successfully obtain system accreditation.  Cyber Security Engineer Lead will also evaluate requirements, select/implement security controls, review installation procedures, conduct verification and validation of test procedures and script changes, tailor and configure security controls for specific product using automation, security assessment plan preparation, test procedure preparation, test execution and reporting, performing security vulnerability assessments.

Job Duties Include:

  • Analyze systems, including forensically, for malware, misuse, and/or unauthorized activity
  • Investigate virus/malware alerts/incidents to determine root cause, entry point of code, damage risk, and report this information
  • Investigate and analyze of all data sources, to include Internet, Intelligence Community reporting, security events, firewall logs, forensic hard-drive images, and other data sources to identify malware, misuse, unauthorized activity or other cyber security related concerns
  • Monitor, document, and respond to collected security alerts
  • Participate in project review meetings and provide technical cyber security guidance
  • Design, test, and integrate new security products as directed by the Sponsor
  • Ensure all network defense capabilities are kept current, patched, and securely configured and management informed of status
  • Integrate security products, including designs for all Sponsor networks
  • Maintain system baselines and configuration management items, including security event monitoring policies in a manner determined and agreed to by the Sponsor
  • Stay abreast Sponsor’s directives, regulations, guidance, notices and standards on cybersecurity
  • Possess detailed knowledge of Intelligence Community Directives (ICDs) related to cybersecurity, at a minimum, ICD 503.
  • Validate that product deliveries meet customer requirements and drive product demos
  • Participate in backlog grooming sessions and internal demos
  • Proactively contribute to the quality of the product by seeking and proposing new or alternate approaches to address the requirements

Qualifications

Required Qualifications:

  • Must have an active/current TS/SCI with Polygraph.
  • Bachelor’s degree or equivalent years and 10 years of experience in Sponsor’s accreditation process
  • Understanding and experience using the Risk Management Framework (RMF) to apply security controls and assess security risk profile
  • Demonstrated leadership qualities through prior experience leading teams performing IT services.
  • Proficient in Windows and Linux operating systems
  • Working knowledge of current COTS security scanning & monitoring tools (Nessus, Splunk, etc)
  • Working knowledge of database and operating system security
  • Understanding of latest security principles, techniques, and protocols
  • Experience in Agile-based software delivery, including leading Agile ceremonies

 

Desired Qualifications:

  • Experience with cybersecurity controls into DevOps Continuous Integration/Continuous Deployment (CI/CD) pipeline
  • Working knowledge of database engineering or ETL concepts.
  • Working knowledge of DevOps, CI/CD and Test Automation.