SAIC currently has an opening for a Senior Security Engineer/ Information Security Analyst to support the Department of State (DOS) Bureau of Information Resource Management (IRM) program. This program provides transparent, interconnected systems and security supporting the DOS in successfully carrying out its U.S. foreign policy mission. IRM provides enterprise architecture design, engineering, operations and maintenance support services for desktops, servers, networks, firewalls, and enterprise applications across the Department. The program is named Vanguard 2.2.1 and is an IT consolidation consisting of the Department's servers, mainframes, network devices, network perimeter, anti-virus engineering, public key infrastructure (PKI)/biometrics/encryption, monitoring tools, telephony, mobile computing platform, virtual environment, and enclave design/security engineering.
Description of Duties:
This role supports Security Engineering tasks with an emphasis in designing and implementing perimeter security solutions to meet business, security policy, technical, operational, and management requirements; using a defense-in-depth approach.
- Supporting project managers in identifying and coordinating technical activities.
- Gathering requirements, performing gap analysis, developing and presenting potential solutions, and creating detailed design and implementation plans.
- Integrating security into the design and implementation process to conform to established State Department security standards, policies, and procedures.
- Reviewing evolving security requirements and policies and making recommendations for existing systems to ensure compliance.
- Identifying security architecture and implementation gaps, vulnerabilities, and risks; developing, testing, and implementing solutions to address the gaps, and new or updated requirements.
- Evaluating emerging technology (e.g., social media, mobile computing) and making recommendations.
- Supporting Assessment & Accreditation (A&A) as a security SME, to provide recommendations on meeting required controls.
Bachelor’s degree in a technical or engineering related discipline and 9+ years of experience or equivalent experience in lieu of degree
- Experience with A&A NIST SP 800-60, 800-37, 800-53 Rev 4 and CNSSi 1253 security controls, including overlays.
- Experience as a security engineer or systems engineer including systems architecture, requirements analysis, integration, and process execution and evaluation
- Extensive knowledge of network operations and security including but not limited to authentication and authorization solutions, next generation firewalls, antivirus, VPN, routers, ports, protocols and services, and application layer security.
- Experience with system development lifecycle, and early incorporation of security throughout the lifecycle.
- Technology certifications including, but not limited to:
- Cisco Certified Network Associated (CCNA) Security
- Cisco Certified Network Professional (CCNP)
- GIAC Certified Perimeter Protection Analyst (GPPA)
- Security-focused Cisco specialist (e.g., ASA, Cybersecurity, IOS Security)
- Palo Alto Certified Network Security Engineer
- Security certifications including, but not limited to:
- Certified Information Security Systems Professional (CISSP)
- Certified Information Security Manager (CISM)
- Project management experience (PMP is a plus).
- Knowledge of secure coding, application security, and ethical hacking.
- Experience with FedRAMP and cloud security, e.g., Microsoft Azure and AWS
- Experience using Xacta 360
- Working knowledge and understanding of Active Directory, SMS/SCCM, and databases.
- Familiarity with DoS environment (data and voice networks, IT security systems, policies and procedures), Foreign Affairs Handbooks (FAHs), and Foreign Affairs Manuals (FAMs).
SECRET (Active) with the ability to obtain a TOP SECRET clearance.