Full Time Employee
Network Security Subject Matter Expert (VGTG003) (Job Number:420651)
SAIC is seeking a highly motivated Senior Security Engineer candidate to provide Subject Matter Expertise (SME) in support of the Cybersecurity Integrity Center (CIC) at the Department of State’s (DOS) Information Resource Management (IRM) office in the Washington DC metro area. The CIC supports cybersecurity monitoring, threat analysis, and incident response within and across IRM-managed infrastructure. The CIC coordinates and collaborates primarily with the Directorate of Information Assurance (IRM/IA), Directorate of Operations (IRM/OPS), and the Bureau of Diplomatic Security (DS), as well as other organizations within DOS, the Federal Government, and commercial partners.
Description of Duties:
The Security SME provides technical leadership, guidance and management oversight for the CIC team regarding network perimeter and host security systems. The candidate will possess and apply sound technical and management principles to establish and automate the CIC network Security Information and Event Management (SIEM) capabilities, and set the tone and pace for the identification and remediation of cybersecurity threats and vulnerabilities across the DOS enterprise. Deep and broad technical expertise across multi-platform security architectures is required to plan and implement automated tools, as well as organizational and process changes to better secure DOS network services. The candidate must be capable of providing technical leadership and guidance to Security and Operational personnel. The candidate must be capable of evaluating system performance results, leading teams in response to incidents/problems, performing risk assessments and evaluating performance metrics. The position directly supports DOS on-site, providing network availability to over 80,000 customers globally.
- Correlate analysis across firewalls, network and system logs, and various passive Intrusion Detection Systems (IDS) and active Intrusion Prevention Systems (IPS) across the DOS enterprise
- Collaborate across DOS Bureaus and other Government Agencies to plan and implement active and passive security system changes
- Develop and automate the CIC Security Information and Event Management (SIEM) capabilities
- Identify and remediate cybersecurity threats and vulnerabilities
- Provide detailed assessments of potential threats to DOS environments
- Evaluate risks, vulnerabilities, and threats to network and host devices
- Find and resolve gaps in both deployment and testing processes, in addition to security controls
- Streamline and optimize processes and procedures in order to rapidly respond to cybersecurity threats
- Develop policies and procedures
- Attend teleconferences and onsite meetings, and participate in working groups, as required
TYPICAL EDUCATION AND EXPERIENCE: Bachelor's and fourteen (14) years or more experience; Master's and twelve (12) years or more experience; PhD or JD and nine (9) years or more experience.
Desired Education, Skills & Experience:
Bachelor's degree in a computer science/computer engineering related discipline or equivalent years of experience and expertise.
12+ years network security engineering support experience (Tier II, Tier III, security infrastructure implementation and maintenance) focusing on firewalls, IDS, IPS, ASAs, PKI, etc.
Knowledge of network routing and switching protocols and design disciplines.
- Knowledge of DOS OCONUS and CONUS unclassified and classified network architectures
- Knowledge of DOS OCONUS and CONUS unclassified and classified network service providers (the lead must know procedures and whom to contact under what conditions)
In-depth experience in planning, implementing, and managing security systems on a large/global enterprise infrastructure that is largely Cisco routers, switches, and ASAs; Palo Alto and Intel/McAfee Stonegate firewalls; A10 network devices; and Symantec and McAfee IPS and firewalls
Highly experienced with network security monitoring and management tools
- Familiarity with various analytical tools (Splunk, Fluke, USBDeview, NetWitness, Mimikatz)
- Understanding of Security Information and Event Management (SIEM) tools (Splunk, McAfee)
- Understanding of electronic countermeasures
- Familiarity with OMB, NIST and related security guidelines and directives
- Familiarity with the National Vulnerability Database
Interpersonal skills including the ability to collaborate effectively, and excellent written and oral communications.
Firewall Certifications (Palo Alto ACE, CNSE) (Intel/McAfee ePO, NSP, HIPS, DLPe, SIEM)
CISSP or CISM
IAT/IAM/IASAE level III equivalent
Candidate must be a US Citizen and currently possess a US Top Secret security clearance and have the ability to obtain a TS/Sensitive Compartmented Information (SCI) security clearance.
SAIC Overview: SAIC is a premier technology integrator providing full life cycle services and solutions in the technical, engineering, intelligence, and enterprise information technology markets. SAIC provides systems engineering and integration offerings for large, complex projects. Headquartered in McLean, Virginia, SAIC has approximately 15,000 employees and annual revenues of about $4.3 billion.
EOE AA M/F/Vet/Disability
Job Posting: Jul 25, 2016, 11:35:10 AM
Primary Location: United States-MD-BELTSVILLE
Clearance Level Must Currently Possess: Top Secret
Clearance Level Must Be Able to Obtain: Top Secret/SCI
Potential for Teleworking: No
Travel: Yes, 10% of the time
Shift: Day Job
To apply for this job, contact: