Senior Cyber Security Cloud Engineer with Security Clearance
Company: SAIC
Location: Huntsville
Posted on: April 15, 2024
|
|
Job Description:
Description SAIC Engineering is seeking a highly experienced and
energetic Senior Cyber Security Cloud Engineer to join ourSAIC
Engineering team supporting the Cloud One program under the Air
Force Lifecycle Management Center Office for Network Integration
(AFLCMC/HNI)The Cloud One Common Computing Environment is an
existing global, interconnected, virtualized, hybrid, and IT
infrastructure hosting mission systems, applications, services, and
data that will serve the U.SAir Force (USAF) and U.SArmy (USA)Cloud
One incorporates the capabilities of commercial cloud and Managed
Service Providers (MSP) residing in Cloud Service Providers
(CSPs)Cloud One facilitates the USAF and USA's efforts to migrate
applications to a cloud environmentThe Senior Cyber Security Cloud
Engineer will focus on Architecture, implementation, and management
of security in a multi-Cloud EnvironmentThe overarching focus of
this position is to support the engineering team as solutions are
engineered to support Cloud One enhancement efforts, designing the
Security components of these engineering efforts that maintain the
security posture mandated by Cloud One's Authority to OperateIn
Support of the SAIC Chief Engineer, the Cyber Security Engineer
Principle is responsible for responsive and coherent planning,
development, and delivery of assessments of systems and requested
changes within the Cloud One environments to identify where those
systems and changes deviate from acceptable configurations, enclave
policy, or local policy and provide appropriate recommended
solutions to meet those requirementsThis position is 100% remoteJob
Responsibilities:--- Design security architectures; recommend
integration of new architectural features into existing
infrastructures; design cybersecurity architectural artifacts;
provide architectural analysis of cybersecurity features and relate
existing system to future needs and trends; provide engineering
recommendations and resolve integration and testing issues.---
Apply a combination of expert engineering knowledge of enterprise
IT and security solutions to design, develop or review proposed
solutions to ensure they are consistent with enterprise
architecture security policies and support full spectrum military
cyberspace operations.--- Design and develops new or reviews
proposed security control design and solution planning at the
system, mission, and enterprise level,
security-in-depth/defense-in-depth, and other related IAM/ISSO/ISSE
support functionsInvolved in a wide range of security issues
including architectures, firewalls, electronic data traffic, and
network access.--- Perform assessments of RMF artifacts and
identify where those artifacts deviate from RMF control
requirements.--- Review and ensure strict program control processes
to ensure mitigation of risks and support obtaining assessment and
authorization of systemsIncludes support of process, analysis,
coordination, control certification test, compliance documentation,
as well as investigations, software research, hardware introduction
and release, emerging technology research, inspections, and
periodic audits.--- Provide security engineering supporting
DoD/Federal cybersecurity policy (i.e., DoDI 8500.01, NIST SP
800-53, etc.)Problem Complexity: Develops technical solutions to
complex problems which require the regular use of ingenuity and
creativityImpact: Guides the successful completion of major
programsErroneous decisions or recommendations would typically
result in failure to achieve major organizational
objectivesLiaison: Represents SAIC Engineering as the Cyber
technical contact on engineering and architecture projectsInteracts
with senior external personnel on significant technical matters
often requiring coordination between organizations.--- Work with
the government to implement and evolve phased ATO process for the
environment using A&A automation and maximize the use of
inheritance/reciprocity--- Develop approaches support strong
authentication and multi-factor authentication to implement data
access authorization based on user identity--- Evaluate and provide
recommendation methods of verification of the applicable DISA STIG,
SRGs, and best practices--- Provide Tier 3 Cyber Security Service
Provider (CSSP) support, as well as interface with and meet
requirements of the Tier 2 CSSP support providers--- Ability to
provide timely remediation recommendations for audit findings---
Ability to support POA&M reviews and recommendations--- Ability
to support Code Review Security Vulnerabilities Remediation---
Ability to support the updates to Risk Management Framework
Artifacts Qualifications Required Qualifications:--- Bachelors and
nine (9) years or more experience; Masters and seven (7) years or
more experience; PhD or JD and four (4) years or more experienceIn
lieu of a degree additional years of experience will be
considered--- Minimum Information Assurance System Architecture and
Engineering (IASAE) Level III certified IAW DoD 8570.01M replaced
by DoDD 8140--- Compliant with DoD and USAF training requirements
in DoDD 8570.01, DoD 8570.01-M, and AFMAN 17-1303.--- Knowledge of
DoD Policies and procedures including DoD 8500.01 and DoD
8510.01--- Experience with DoD suite of security tools including
Assured Compliance Assessment Solution (ACAS) Experience (Nessus /
Tenable Security Center)--- Experience evaluating STIG/SCAP
compliance scanning and implementation--- 5+ years of experience as
a Cyber Cloud Engineer supporting cloud environments - preferably
AWS and Azure--- Experience evaluating and configuring AWS and
Azure Security Services--- Experience with Risk Management
Framework (RMF) and updating of security artifacts--- Experience
with compliance verification methods including DISA STIG, SRGs, and
best practices--- Experience with DevSecOps--- Knowledge of the DoD
suite of security tools including HBSS, and eMASS--- Knowledge of
cloud environments provided by AWS, Azure, OCI or GCP--- Working
knowledge of Microsoft Office Suite including Microsoft Visio
Desired Qualifications:--- Experience with ORCA Security Suite of
tools--- Experience with Okta Employee and Customer Identity
Solutions--- Experience with Windows Server Update Services
(WSUS)--- Experience with Oracle and Google Cloud Environments---
Knowledge of DoD Enterprise Service Management Framework (DESMF)---
Certified Information Systems Security Professional (CISSP)
certification preferred--- Experience with Agile, Scrum, SAFe or
other modern software development methods/practices--- Experience
supporting Cloud migration effort Required Clearance:--- Interim
Secret clearance required to start; Ability to obtain a Secret
clearance is required to maintain employment.--- US citizenship
required Target salary range: $125,001 - $150,000The estimate
displayed represents the typical salary range for this position
based on experience and other factorsSAIC accepts applications on
an ongoing basis and there is no deadlineCovid Policy: SAIC does
not require COVID-19 vaccinations or boostersCustomer site
vaccination requirements must be followed when work is performed at
a customer site.
Keywords: SAIC, Huntsville , Senior Cyber Security Cloud Engineer with Security Clearance, Engineering , Huntsville, Alabama
Click
here to apply!
|