Information Systems Security Engineer

Description

SAIC is seeking a highly motivated, detail-oriented, and experienced Information Systems Security Engineer (ISSE) to join our lead systems integrator team in Arlington, Virginia. The ISSE will be responsible for evaluating system vulnerabilities, deploying firewalls and encryption, monitoring for breaches, and developing security policies to ensure data integrity and confidentiality.  The ISSE will implement the cybersecurity posture and ensure compliance of classified information systems in support of Department of the Air Force’s (DAF) Cloud-Base Command and Control (CBC2) Program.  The ideal candidate will have a strong technical background in information security and a thorough understanding of certification and accreditation process IAW NIST 800-53 and the Risk Management Framework (RMF).  The successful candidate will have excellent communication, organizational and problem-solving skills.  They will be expected to continually balance and adjust work priorities to meet short deadlines.

The position is a hybrid position in Arlington, VA.  

Key Responsibilities:

• Develops and implements security designs to ensure that the operating systems and software applications adequately address cyber security requirements.
• Implement and validate Security Technical Implementation Guide (STIG) requirements and/or perform SRG assessments for all development and implementation projects.
• Develop Security Test Procedures (STP), conducts self-assessments to verify compliance with required configuration guidance and support assessment and authorization testing and validation of security designs.
• Perform risk assessments, vulnerability assessments, and security audits to identify system vulnerabilities and provide remediation strategies.
• Collaborate with Information Systems Security Managers (ISSMs) and stakeholders to address risk in compliance with customer standards.
• Monitor systems for compliance with government standards and evolving cybersecurity threats through vulnerability scans, compliance audits, and configuration management.
• Ensure all systems meet Authorization to Operate (ATO) requirements and maintain compliance throughout the system lifecycle.
• Ensure that cybersecurity inspections, tests, and reviews are synchronized and coordinated with affected parties and organizations.
• Read and interpret dataflow, network, and other developmental diagrams effectively.
• Write and utilize documentation. 

Qualifications

Required Skills/Experience:

• Current Certification such as CASP+, CCNP Security, CISA, CISSP, CCSP.
• Hands-on experience with security tools, including encryption technologies, intrusion detection systems, and penetration testing tools.
• Experience working with cross-functional engineering and security teams in classified environments.
• Communicate effectively with multiple stakeholders.
• Bachelor’s Degree in Computer Science, Software Engineering or IT Engineering.
• 9 years of experience in Cybersecurity.
• Active TS/SCI or SCI eligible.