SAIC is seeking a Lead Cyber Security Engineer.
Note: This role offers temporary work from home/ remote/ virtual work at home due to COVID-19. Eventually the work will go back on site at Aberdeen Proving Ground, Maryland.
- Provide senior level oversight and direction in support of managing engineering and other related functions in support of Cyber Security Engineering requirements.
- Lead the day-to-day technical guidance, customer engagements, task prioritization, and project baseline activities that include initiation, planning, execution, monitoring, controlling and closure.
- Lead the daily operations of a complex Government/Contractor team that includes the requirements analysis, systems engineering, and integration of multiple functional areas and tools, including by not limited to an integrated master schedules (IMS), basis of estimates (BOE), and work breakdown structure (WBS).
- Develop and review Cyber Security documentation validating software quality, security, reliability and maintainability attributes. Identify gaps in information assurance/cyber posture and assess risks.
- Participate in development and review of RMF documentation, Networthiness Documentation, IAVAs, and ensure STIG compliance and validation.
- Develop strategies, goals, tasks, roles, responsibilities, and information needs for Cyber Security surveillance and oversight.
- Review information systems for compliance with applicable DoDI 8500.01 and DoDI 8510.01
- Provide IS security advice and guidance in accordance with applicable regulations, and directives and guidance to Government and DoD partners for the protection of data at all classification levels including SCI.
- Evaluate and recommend approval, disapproval, or waiver(s) for IS processing national security data.
- Provide input or consideration in the promulgation of future security policy.
- Support and/or conduct site visits and assessments to inspect and verify IS reports and plans at various locations, and provide a written report for review and approval.
- Prepare reports and memoranda, to include, but not limited to: Memoranda for the Record (MFR), Memoranda of Agreement (MOA), Authorization To Proceed, and status and technical briefs for review and approval by government Cyber Security.
- Update data on Government-provided databases with current information about IS status.
- Prepare, review, and record notification and status messages to indicate A&A state of systems to system owner or programs.
- Ensure IS security requirements, including applicable RMF directives and guidance, are addressed and applied; appropriate documentation prepared by the system owners or programs inclusive of the Security Assessment Package, Concept of Operations (CONOPS) Plan, System Security Plans, System Requirements Traceability Matrix, Risk Management Matrix, Test Results, interface control documents, requests for changes, test plans, and other related program security documentation.
- Track completion of the Security Assessment Package and report status.
- Provide preparation of the Security Assessment Report (SAR). The SAR contents include, but not limited to, the Summary of Assessment results and Authorization Recommendation.
Required Education and Experience
- HS/GED and 16 years of related experience OR Bachelors and twelve (12) years of experience; OR Master’s Degree or higher, and ten (10) years of experience;
- Active Top Secret clearance with a current SSBI and be SCI-eligible or current TS/SCI
- Current 8570 certification (Security , CISSP, CASP, etc.)
- Experience managing multiple teams as part of a larger Government/Contractor program.
- Experience with Information Assurance vulnerability scanning tools
- Experience with the implementation of Security Technical Implementation Guides (STIGs) to remove vulnerabilities for IA compliance
- Experience with the Risk Management Framework (RMF) process and compliance with an Authority to Operate (ATO)
- Experience with system acceptance testing (SAT), test readiness review (TRR), and discrepancy reporting (DR)
- Experience with current and emerging biometric technologies, biometric modalities and exploitation services.