Address
Form of workJob Description
Description
SAIC’s National Intelligence Community (NIC) Business Unit, USG Mission and Information Technology Division, provides solutions and services supporting digital modernization programs in areas such as systems engineering, multi-cloud computing, cybersecurity, data science and analytics, artificial intelligence and machine learning, quantum computing, application development, SecDevOps, cloud network operations, and secure communications.
We are seeking highly motivated Information Systems Security Engineers (ISSE) to join our team and leverage their technical expertise by performing or reviewing technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies. As an ISSE, you will validate and verify system security requirements definitions and analysis, as well as establish system security designs.
Responsibilities will vary based on skill level:
- Designing, developing, implementing, and/or integrating IA and security systems and system components, including those for networking, computing, and enclave environments such as those with multiple enclaves and with differing data protection and classification requirements
- Building IA into systems deployed to operational environments
- Assisting architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application of Agency security policy and enterprise solutions
- Supporting the building of security architectures
- Enforcing the design and implementation of trusted relations among external systems and architectures
- Assessing and mitigating system security threats and risks throughout the program life cycle
- Contributing to the security planning, assessment, risk analysis, risk management, and certification and awareness activities for system and networking operations
- Reviewing certification and accreditation (C&A) documentation and providing feedback on completeness and compliance of its content
- Applying system Security Engineering expertise in one or more of the following:
- System security design process
- Engineering life cycle
- Information domain
- Cross domain solutions
- Commercial off-the-shelf (COTS) and Government off-the-shelf (GOTS)
- Cryptography
- Identification
- Authentication and authorization (A&A)
- System integration
- Risk management
- Intrusion detection
- Contingency planning
- Incident handling
- Configuration control
- Change management
- Auditing
- Certification and accreditation (C&A) process
- Principles of IA (confidentiality, integrity, non-repudiation, availability, and access control)
- Security testing
- Participating as a Security Engineering representative on engineering teams for the design, development, implementation and/or integration of IA architectures, systems, or system components
- Applying knowledge of IA policy, procedures, and workforce structure to design, develop, and implement secure networking, computing, and enclave environments
- Interacting with the customer and other project team members
- Supporting the Government in the enforcement of the design and implementation of trusted relationships among external systems and architectures
- Providing and supporting security planning, assessment, risk analysis, and risk management
- Identifying overall security requirements for the proper handling of Government data
- Recommending system-level solutions to resolve security requirements
- Supporting security authorization activities in compliance with the NSA/CSS Information System Certification and Accreditation Process (NISCAP) and DoD Risk Management Framework (RMF), the NIST Risk Management Framework (RMF) process, and prescribed NSA/CSS business processes for Security Engineering
Qualifications
Qualifications will vary based on skill level:
- Active TS/SCI with Polygraph is required for all skill levels
- Years of relevant experience and education:
- Senior level: Seven (7) years or more of ISSE experience and a Bachelor’s degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline (Four (4) years of additional ISSE experience may be substituted in lieu of degree)
- Expert level: Fourteen (14) years or more of ISSE experience and a Bachelor’s degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline (Four (4) years of additional ISSE experience may be substituted in lieu of degree)
- DoD 8570 compliance with IASAE Level 2
- DoD 8570.01-M compliance with IASAE Level 2
- Certified Information Systems Security Professional (CISSP)
Desired:
- Master’s degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline
SAIC accepts applications on an ongoing basis and there is no deadline.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.
Overview
SAIC® is a premier Fortune 500® technology integrator focused on advancing the power of technology and innovation to serve and protect our world. Our robust portfolio of offerings across the defense, space, civilian and intelligence markets includes secure high-end solutions in mission IT, enterprise IT, engineering services and professional services. We integrate emerging technology, rapidly and securely, into mission critical operations that modernize and enable critical national imperatives.
We are approximately 24,000 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer, fostering a culture of diversity, equity and inclusion, which is core to our values and important to attract and retain exceptional talent. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.4 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom.
