Description
Description
SAIC is looking for TS/SCI cleared Cybersecurity Systems Engineering candidates who are experienced in Information Assurance (IA) and Cybersecurity to support an Intelligence, Reconnaissance and Surveillance (ISR) program for our DoD customer within Program Executive Office, Command, Control, Computers, Communications, and Intelligence (PEO C4I). The individual will determine if engineering and security solutions are practical, reliable, compliant and interoperable for the execution/implementation on Navy and Intelligence Community (IC) Networks and within other Navy infrastructures, ISR tools, and Command and Control (C2) systems/capabilities.
Responsibilities:
• Software Engineering with emphasis on Security in the DevSecOps pipeline
• Dashboard construction aggregating pipeline outputs to reporting tools
• Align IA related scanning tools with ATO needs/controls by tuning configurations and automation and support teams with STIG hardening
• Write best practices and automation templates related to maintaining security posture of software under development
• Review current processes, tech stack, and scans to improve efficiency of maintaining security posture of software under development
• Develop cogent and actionable security requirements that result in robust security postures, heightened cyber resilience and protection of sensitive data/information.
• Perform vulnerability/risk assessment analysis to support Assessment and Authorization (A&A).
• Design security architecture overlays to overarching system architectures that deliver increased security balanced against time and cost metrics.
• Provides secure configuration management (CM) in support of information systems, security software, hardware and firmware.
• Manage changes to systems and assess the security impact of those changes. Prepares and reviews documentation to include System Security Plans (SSPs), Risk Assessment Reports, A&A packages, and System Requirements Traceability Matrices (SRTMs).
• Draft Program Protection Plans (PPPs), Cybersecurity Strategies, Security Classification Guides (SCGs), Anti-Tamper (AT) Plans and other Navy Acquisition program security-related documents.
• Perform Criticality Analyses (CAs) to include Critical Program Information (CPI) surveys. Perform Critical Functionality (CF) and Critical Component (CC) identification reviews.
• Review proposed new systems, networks, and software designs for potential security risks, recommending mitigations or countermeasures and resolving integration issues.
Provide technical assistance and recommendations regarding the planning, implementation, and management of Battlespace Awareness with existing and emerging infrastructures.
• Perform General Service (GENSER) and Sensitive Compartmented Information (SCI) Risk Management Framework (RMF) support for Department of Defense (DoD) IT systems to include development and maintenance of RMF package components, conduct risk assessments and develop test plans.
• Assist in development and update of technical documentation for system development. Documents may include Concept of Employment, Requirements Traceability, training, white papers and capability assessment reports.
• Use operational experience to interpret and provide feedback on system requirements.
Provide analysis of capabilities and software tools and recommendations for technical solutions to access and exploit information available from source as required.
Assist the customer with Test and Evaluation (T&E) cybersecurity-focused test events [e.g., Coordinated Vulnerability Penetration Assessment (CVPA) and Adversarial Assessment (AA)].
• Provide support for the organization's cybersecurity program.
• Provide support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies.
• Maintain operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed.
• Evaluate security solutions to ensure they meet security requirements for processing classified information.
Qualifications
Qualifications
EDUCATION AND EXPERIENCE: Software related Bachelors and nine (9) years or more experience; Masters and seven (7) years or more experience; 4 additional years of experience in lieu of degree.
Active TS/SCI
CSWF and IAT Level II Certifications (Security+) within 6 months of hire.
Desired Skills and Certifications:
- Understanding of the DOD acquisition process, PEO C4I and NAVWAR.
- Certifications: PMP, INCOSE, DevOps, CISSP, CISM, CISA, Security + Network Plus.
- Prior Military experience with ISR systems.
- Experience with RMF and NIST compliance standards.
- Experience with US Navy C4I systems, Information Assurance and Cybersecurity.
- Knowledge of Linux or Windows OS, network protocols, web services, databases, scripting, and firewalls.
Apply on company website
Find Connections via Linkedin
