SterlingVARecruiter Since 2001
the smart solution for Sterling jobs

Security Manager

Company: SAIC
Location: Sterling
Posted on: June 9, 2021

Job Description:

Job Description

Description

SAIC is seeking a Senior Security Engineer to join our team.

Position Summary

SAIC is seeking a Senior Security Engineer to join our team. Your Role is to act as a Senior Technical Resource and Mentor for the Team.

Essential duties of this position include:

  • Proactive Threat Intel and Vulnerability Management: Track threat actors and associated tactics, techniques, and procedures (TTPs) as well as Service Tower Supplier Patching efforts
  • Work as a member of the team to guide collaborative efforts working with Service Tower Suppliers and Customers to develop plans for the integration of supplier processes into the Risk, Vulnerability, and Threat Management Program
  • Participate in team efforts to guide development and maintenance of operational and technical guidance and oversight for the Vulnerability, and Threat Management tools and procedures
  • Participate in team efforts to align Risk, Vulnerability, and Threat Management as Process Owner for Operational Security Processes (Cross-Functional) related to the individual Service Tower Supplier's responsibilities
  • Coordinate with Service Tower Supplier POC's to ensure Processes are maintained and updated on a regular basis
  • Collaborate to design, test, and implement secure operating systems, networks and security monitoring systems
  • Oversee risk and vulnerability assessment at the network, system and application level
  • Conducts threat modeling exercises. Develops and implements security control recommendations and formulates operational risk mitigations along with assisting in security awareness programs
  • Initiate and remain engaged throughout a wide range of security projects including architectures, firewalls, electronic data traffic, and network access
  • Researches, evaluates and recommends new security tools, techniques, and technologies and introduces them to the enterprise in alignment with IT security strategy
  • Utilizes COTS/GOTS and custom tools and processes/procedures in order to scan, identify, contain, mitigate and remediate vulnerabilities, and intrusions
  • Performs analyses to validate established security requirements and to recommend additional security requirements and safeguards
  • Supports the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports
  • Periodically conducts a review of each system's audits and monitors corrective actions until all actions are closed
  • May support cyber metrics development, maintenance and reporting
  • May provide briefings to senior staff

The Cybersecurity Analyst Senior Principal performs a critical management role ensuring that the technology underpinning supporting IT support processes and workflows are working effectively, reliably, and efficiently to meet service objectives and customer expectations. You will have the opportunity to solve complex problems, coordinate with multiple suppliers, and optimize processes through automation. This position offers the chance to research and analyze cybersecurity capabilities to satisfy data protection requirements. The Cybersecurity Analyst Senior Principal will also play a key role in representing current capabilities, and support development of future capabilities of supporting ITSM tools. This is a key concept in contributing to a long-term strategy using operational and tactical activities paving the way for continual improvement of the environment to meet security objectives for a satisfying customer experience.

Qualifications

Background / Experience

  • Provides primary expertise for Risks related to Vulnerability Management and handling of, based on NIST processes
  • Provides the ability to create, and maintain processes and procedures to support a robust Vulnerability Management program
  • Provides support to plan, coordinate, and implement tactical response to improve the organization's information security posture
  • Supports Team efforts of colleagues to design, develop, engineer and implement solutions to meet security requirements
  • Supports the implementation and maintenance of the MSI security detection protocols
  • Gathers and organizes technical information about existing security products, and ongoing programs
  • A working knowledge of security practices and procedures; knowledge of current security tools available; hardware/software security implementation; different communication protocols; encryption techniques/tools; familiarity with commercial products, current Internet/EC technology, and open source methodologies
  • Provide support for monitoring events and ongoing maintenance activities
  • Working Knowledge and understanding of management tools used to detect most anomalies within the infrastructure
  • Strong attention to detail and organizational skills
  • Demonstrated previous leadership, deep technical risk analysis, understanding of engineering and architectural system design concepts
  • Ability to write and verbally communicate information security and risk-related concepts effectively to both technical and non- technical audiences
  • Must have strong problem- solving and analytical skills and demonstrate poise and ability to act calmly and competently in high-pressure, high-stress situations
  • Experience managing Risks related to Patching and Vulnerability Management across multiple suppliers, customers, technologies, and processes
  • Support the development of cybersecurity technical roadmaps and documentation to drive continual services and cyber transformation and improvements for the MSI Program
  • Collaborate using networks and professional relationships to achieve common goals
  • Be a cybersecurity leader, and provide mentorship for less experienced cybersecurity practitioners

Education / Certifications

  • Bachelors in Information Systems, Computer Science, Information Security or related IT field and 13+ years of related experience; Masters and 11+ years of related experience. PhD or JD and 8+ years or more experience may be considered with 3+ years relevant risk assessment, information security or analytical experience
  • Must have at least 5 years of direct IT Security experience
  • Working knowledge of Security Standards/Controls specified under various IT governance and compliance models (NIST, ISO 27001&27002, ITIL, SOX, and DFARS/FARS). This includes Applications and Systems Development Security, Security Management Practices, Access Control, Security Architecture and Modeling, Telecommunications, Network Security, Cryptography (PKI), Operations Security, and Physical Security Controls Experience in security hardening and firewall configurations that reflect best practice secure settings based on industry benchmark and / or exceptions that minimize risk to the security and enable business
  • Fundamental technical knowledge of Active Directory, Windows and Linux OSes, VMWare, SDDC and Virtual firewalls, networks, Oracle, SQL, stored procedures, scripts and reports. Experienced with: Linux, Unix, and multiple MS Office products including

Keywords: SAIC, Sterling , Security Manager, Other , Sterling, Virginia

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category
within


Log In or Create An Account

Get the latest Virginia jobs by following @recnetVA on Twitter!

Sterling RSS job feeds