Address
Form of workJob Description
Description
SAIC Engineering is seeking a highly experienced and energetic Senior Cyber Security Cloud Engineerto join ourSAIC Engineering team supporting the Cloud One program under the Air Force Lifecycle Management Center Office for Network Integration (AFLCMC/HNI). The Cloud One Common Computing Environment is an existing global, interconnected, virtualized, hybrid, and IT infrastructure hosting mission systems, applications, services, and data that will serve the U.S. Air Force (USAF) and U.S. Army (USA). Cloud One incorporates the capabilities of commercial cloud and Managed Service Providers (MSP) residing in Cloud Service Providers (CSPs). Cloud One facilitates the USAF and USA’s efforts to migrate applications to a cloud environment. The Senior Cyber Security Cloud Engineer will focus on Architecture, implementation, and management of security in a multi–Cloud Environment. The overarching focus of this position is to support the engineering team as solutions are engineered to support Cloud One enhancement efforts, designing the Security components of these engineering efforts that maintain the security posture mandated by Cloud One’s Authority to Operate. In Support of the SAIC Chief Engineer, the Cyber Security Engineer Principle is responsible for responsive and coherent planning, development, and delivery of assessments of systems and requested changes within the Cloud One environments to identify where those systems and changes deviate from acceptable configurations, enclave policy, or local policy and provide appropriate recommended solutions to meet those requirements.This position is 100% remote.
Job Responsibilities:
- Design security architectures; recommend integration of new architectural features into existing infrastructures; design cybersecurity architectural artifacts; provide architectural analysis of cybersecurity features and relate existing system to future needs and trends; provide engineering recommendations and resolve integration and testing issues.
- Apply a combination of expert engineering knowledge of enterprise IT and security solutions to design, develop or review proposed solutions to ensure they are consistent with enterprise architecture security policies and support full spectrum military cyberspace operations.
- Design and develops new or reviews proposed security control design and solution planning at the system, mission, and enterprise level, security-in-depth/defense-in-depth, and other related IAM/ISSO/ISSE support functions. Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access.
- Perform assessments of RMF artifacts and identify where those artifacts deviate from RMF control requirements.
- Review and ensure strict program control processes to ensure mitigation of risks and support obtaining assessment and authorization of systems. Includes support of process, analysis, coordination, control certification test, compliance documentation, as well as investigations, software research, hardware introduction and release, emerging technology research, inspections, and periodic audits.
- Provide security engineering supporting DoD/Federal cybersecurity policy (i.e., DoDI 8500.01, NIST SP 800-53, etc.).
Problem Complexity: Develops technical solutions to complex problems which require the regular use of ingenuity and creativity.
Impact: Guides the successful completion of major programs. Erroneous decisions or recommendations would typically result in failure to achieve major organizational objectives.
Liaison: Represents SAIC Engineering as the Cyber technical contact on engineering and architecture projects. Interacts with senior external personnel on significant technical matters often requiring coordination between organizations.
- Work with the government to implement and evolve phased ATO process for the environment using A&A automation and maximize the use of inheritance/reciprocity
- Develop approaches support strong authentication and multi-factor authentication to implement data access authorization based on user identity
- Evaluate and provide recommendation methods of verification of the applicable DISA STIG, SRGs, and best practices
- Provide Tier 3 Cyber Security Service Provider (CSSP) support, as well as interface with and meet requirements of the Tier 2 CSSP support providers
- Ability to provide timely remediation recommendations for audit findings
- Ability to support POA&M reviews and recommendations
- Ability to support Code Review Security Vulnerabilities Remediation
- Ability to support the updates to Risk Management Framework Artifacts
Qualifications
Required Qualifications:
- Bachelors and nine (9) years or more experience; Masters and seven (7) years or more experience; PhD or JD and four (4) years or more experience. In lieu of a degree additional years of experience will be considered
- Minimum Information Assurance System Architecture and Engineering (IASAE) Level III certified IAW DoD 8570.01M replaced by DoDD 8140
- Compliant with DoD and USAF training requirements in DoDD 8570.01, DoD 8570.01-M, and AFMAN 17-1303.
- Knowledge of DoD Policies and procedures including DoD 8500.01 and DoD 8510.01
- Experience with DoD suite of security tools including Assured Compliance Assessment Solution (ACAS) Experience (Nessus / Tenable Security Center)
- Experience evaluating STIG/SCAP compliance scanning and implementation
- 5+ years of experience as a Cyber Cloud Engineer supporting cloud environments – preferably AWS and Azure
- Experience evaluating and configuring AWS and Azure Security Services
- Experience with Risk Management Framework (RMF) and updating of security artifacts
- Experience with compliance verification methods including DISA STIG, SRGs, and best practices
- Experience with DevSecOps
- Knowledge of the DoD suite of security tools including HBSS, and eMASS
- Knowledge of cloud environments provided by AWS, Azure, OCI or GCP
- Working knowledge of Microsoft Office Suite including Microsoft Visio
Desired Qualifications:
- Experience with ORCA Security Suite of tools
- Experience with Okta Employee and Customer Identity Solutions
- Experience with Windows Server Update Services (WSUS)
- Experience with Oracle and Google Cloud Environments
- Knowledge of DoD Enterprise Service Management Framework (DESMF)
- Certified Information Systems Security Professional (CISSP) certification preferred
- Experience with Agile, Scrum, SAFe or other modern software development methods/practices
- Experience supporting Cloud migration effort
Required Clearance:
- Interim Secret clearance required to start; Ability to obtain a Secret clearance is required to maintain employment.
- US citizenship required
Target salary range: $125,001 - $150,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
SAIC accepts applications on an ongoing basis and there is no deadline.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.
Overview
SAIC® is a premier Fortune 500® technology integrator focused on advancing the power of technology and innovation to serve and protect our world. Our robust portfolio of offerings across the defense, space, civilian and intelligence markets includes secure high-end solutions in mission IT, enterprise IT, engineering services and professional services. We integrate emerging technology, rapidly and securely, into mission critical operations that modernize and enable critical national imperatives.
We are approximately 24,000 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer, fostering a culture of diversity, equity and inclusion, which is core to our values and important to attract and retain exceptional talent. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.4 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom.
