Security Engineer (Job Number:441043)
JOB DESCRIPTION: This position will provide technical leadership and security operations management. This role will be responsible for ensure the security, integrity, and availability of information assets through the rigorous application of information security/information assurance policies, principles, and practices in the delivery of IT services and the rapid and effective response to security incidents. Support the establishment of effective and efficient infrastructure security programs, policies, procedures, and tools that ensure the confidentiality, integrity, and availability of systems, networks and data.
Job Specific Responsibilities:
- Provide efficient and effective Infrastructure Security Operations Support of infrastructure security components to ensure the confidentiality, integrity, and availability of systems, networks and data.
- Provide timely and effective maintenance and repair support on infrastructure security components necessary to ensure the confidentiality, integrity, and availability of systems, networks and data.
- Provide efficient security monitoring of infrastructure security components to include but not limited to firewalls and intrusion detection systems, issuing timely and accurate notification of security incidents.
- Develop and implement processes and procedures to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, networks, and data to include assisting in development of systems security contingency plans and disaster recovery procedures.
- Assist in conducting risk assessments of systems, applications and networks to identify, analyze and respond to identified vulnerabilities, associated threats and risks, to include timely implementation of security safeguards, security configurations and policies as directed by the customer ISSO and management.
- Participate in review of system security controls during the System Development Life Cycle process and Project Review meetings.
- Support incident management and response through security monitoring of systems, applications and networks to identify, manage and remediate security events and incidents, and provide timely reports to the ISSO and management.
- Ensure effective change control and configuration management of supported infrastructure security-related components to establish and maintain consistency of their performance and functional and physical attributes.
- Ensure all infrastructure security-related data and documentation is added to and maintained current within the Knowledge Database and Document Library to provide efficient access to a complete and current source of operationally relevant structured and unstructured data to facilitate the gathering, analysis, and preservation of evidence used in investigation of security incidents.
- Provide after-hours monitoring and timely problem resolution commensurate with the mission criticality of the affected system(s)
- Experience designing and implementing cross-domain solutions
- Development, implementation and/or management of privileged access management programs
- Expert knowledge of access control mechanisms for various hardware and software platforms, including network devices, SANs, operating systems, hypervisors, databases and applications
- Expert knowledge of security information and event management (SIEM) systems, cyber security auditing, continuous monitoring and analysis
- Understanding of DoD PKI
- Knowledge of Federal and DoD Guidance (DoDD 8500.1, DoDI 8500.2), DITSCAP, DIACAP, NIACAP, NIST, and DoD Certification & Accreditation processes.
REQUIRED QUALIFICATIONS & EXPERIENCE
- Bachelor's degree (equivalent experience accepted in lieu of degree) in computer science, computer engineering, information systems, cyber security or a related field
- Minimum of 10 years of directly relevant experience in information systems design, implementation, operations, and cybersecurity
- Minimum of 5 years of directly relevant experience in technical project management (cost/schedule/performance)
- Public Trust L5 Security Clearable
DESIRED QUALIFICATIONS & EXPERIENCE
- ISC2 Certified Information Systems Security Professional (CISSP)
- VMware Certified Professional (VCP), VMware Certified Advanced Professional (VCAP)
- Cisco Certified Network Associate (CCNA)/Cisco Certified Network Professional (CCNP)
- Microsoft Certified IT Professional (MCITP)/Microsoft Certified Systems Engineer (MCSE)
- Experience with or knowledge of HHS EPLC
SAIC Overview:SAIC is a premier technology integrator providing full life cycle services and solutions in the technical, engineering, intelligence, and enterprise information technology markets. SAIC is Redefining Ingenuity through its deep customer and domain knowledge to enable the delivery of systems engineering and integration offerings for large, complex projects. SAIC's approximately 15,000 employees are driven by integrity and mission focus to serve customers in the U.S. federal government. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $4.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see My SAIC Benefits. EOE AA M/F/Vet/Disability
Job Posting: Oct 16, 2018, 11:39:39 AM
Primary Location: United States-MD-ROCKVILLE
Clearance Level Must Currently Possess: None
Clearance Level Must Be Able to Obtain: Other Clearance
Potential for Teleworking: No
Travel: Yes, 10% of the time
Shift: Day Job