Description
SAIC is looking for an experienced and skilled Principal Cyber Security Analyst to work in the newly established Cyber Threat Intelligence and Integration Center (CTIIC) in Reston, Virginia. The candidate will help to establish the newly formed intelligence center, including leveraging existing and incoming security tools, developing policy and procedures, and coordinating with both internal and external intelligence partners. The candidate will be a leader in the CTIIC and will work closely with SAIC's Enterprise Security Operations Center and Cyber Incident Response Team on a daily basis to defend our network and mitigate the most significant threats. Candidates should have demonstrated strong experience working in a task force environment.
· Oversee threat and vulnerability assessment and provide subject matter expertise on appropriate threat mitigation.
· Identify intrusion activity by leveraging alert data from multiple sensors and systems and determine priority for response.
· Leverage threat intelligence (e.g., DSIE, NCFTA) while actively monitoring critical infrastructure components.
· Assess the impact of potentially malicious traffic on company network and infrastructure.
· Lead in-depth analysis of anomalies in support of network monitoring and incident response operations.
· Perform live incident response (reactive and proactive incident management) by identifying and remediating malicious applications and infrastructure components.
· Collaborate with other Information Security and IT team members to develop and implement innovative strategies for monitoring and preventing attacks.
· Develop appropriate metrics (key risk and performance indicators) to measure the monitoring program and related process.
· Oversee research of emerging security threats.
· Implement additional components and techniques that could be used to proactively detect and prevent malicious activity.
· Provide other services as a key member of the Cyber Threat Intelligence Integration team.
· Provide escalated response and support to intrusion or security breach investigations.
· Oversee knowledge sharing with other analysts and the writing of technical articles for internal knowledge bases.
· Present with confidence.
· Assist with risk and vulnerability assessment at the network, system and application level.
· Develop and implement security controls and formulate operational risk mitigations along with assisting in security awareness programs.
· Be involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access.
· Research, evaluate, and recommend new security tools, techniques, and technologies and introduce them to the enterprise in alignment with IT security strategy.
· Utilize tools and processes/procedures in order to scan, identify, contain, mitigate and remediate vulnerabilities and intrusions.
· Assist in the implementation of the required policy and make recommendations on process tailoring.
· Perform analyses to validate established security requirements and to recommend additional security requirements and safeguards.
· Support security tests and evaluations required by any government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports.
· Periodically conduct a review of each system's audits and monitor corrective actions until all actions are closed. May support cyber metrics development, maintenance and reporting.
· Assist the CTIIC Director in the daily operations of the CTIIC.
· Perform documentation review and improvement.
Qualifications
Required Education and Experience:
Bachelor's and nine (9) years or more experience; Master's and seven (7) years or more experience; PhD or JD and four (4) years or more experience
Ability to effectively communicate at all levels, both verbal and written, with internal stakeholders, external government agencies and third-party vendors and customers
Professional Certifications a plus (e.g. CISA, CISM, CRISC, or CISSP)
Excellent written and oral communication skills
Clearance Requirement: Must be able to obtain a Secret security clearance