Job DescriptionDescription We are seeking a highly skilled Information Systems Security Engineer. This position is on-site in San Diego, CA.
Cybersecurity Engineer
Define, communicate, and implement cybersecurity architecture and administration processes for cloud environments across multiple network domains. Collaborate across our cloud infrastructure delivery team and with stakeholders using an Agile process to ensure design, implementation, verification, and continuous monitoring of cloud solutions across multiple domains. Develop Risk Management Framework (RMF) Body of Evidence artifacts, including system security plans and cybersecurity concept of operations documents operating within Cloud environments in alignment with existing RMF packages. Experience in security focused system design that can be scalable across multiple domains while accounting for security requirements across multiple system architectures. Employs best practices when implementing security controls, secure architecture and design to include software engineering methodologies, security engineering principles, secure design and secure coding techniques along with the control selection, configuration and operation of applicable tools, including static analysis and dynamic analysis together with supporting processes. This includes testing of the system security requirements implementation across infrastructure to ensure security control validation as well as functionality. Support assessment and authorization activities to achieve and maintain Authority to Operate (ATO)s. Responsible for the coordination, generation and oversite of RMF documentation for the successful accreditation of multiple cloud environments including the Cyber Security Strategy and Continuous Monitoring Plans as well as overall program lifecycle RMF requirements to include but not be limited to patch management, supply chain, change and defect management. Mentor and supervise team members, as needed.
Qualifications Typical Education and Experience:- Bachelors and fourteen (14) years or more experience; Masters and twelve (12) years or more experience; PhD or JD and nine (9) years or more experience.
- Multiple years of experience with developing Risk Management Framework (RMF) products and working through system accreditations to ensure RMF implementation across multiple environments
- Experience in interfacing with Information System Security Officers (ISSO) and Information System Security Managers (ISSM), including reviewing documentation, systems security plans (SSPs), risk assessment reports, accreditation packages, and Plan of Actions and Milestones (POA&Ms)
- Experience with providing subject matter expertise in a cyber domain, including vulnerability management and assessment, scanning tools, and assessing system compliance with security controls
- Experience with reviewing policy, planning compelling evidence documents, and writing test results for NIST 800-53 / JSIG Security Controls and Assessment Procedures
- Ability to work independently to develop RMF A&A documentation and artifacts to obtain RMF Authority to Operate (ATO)
- U.S. citizenship and an active TS/SCI clearance
Target salary range: $160,001 - $200,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
Overview SAIC accepts applications on an ongoing basis and there is no deadline.
