SAIC

Information Systems Security Engineer

SAIC$120K — $150K *
Information Technology
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • Bachelors plus 14 years, Masters plus 12 years, or PhD/JD plus 9 years of relevant experience.
  • Multiple years managing Risk Management Framework (RMF) products for system accreditation.
  • Experience collaborating with ISSOs and ISSMs; reviewing relevant security documentation.
  • Proficiency in vulnerability management, assessment, and compliance with security controls.
  • Skill in crafting RMF A&A documentation and artifacts for Authority to Operate (ATO) approval.
  • Strong understanding of NIST 800-53 / JSIG standards for security controls.
  • U.S. citizenship and active TS/SCI clearance required.

Responsibilities

  • Define and implement cybersecurity architecture for cloud environments.
  • Collaborate with cloud infrastructure teams using Agile methodologies.
  • Develop RMF Body of Evidence documentation, including security plans and operating concepts.
  • Employ best practices in security controls and secure design across multiple architectures.
  • Conduct testing to validate security requirements and functionalities.
  • Support ATO processes to maintain system accreditation.
  • Mentor and supervise team members as necessary.

Benefits

  • On-site position located in San Diego, CA, facilitating team collaboration.
  • Opportunity to work in a cutting-edge cybersecurity environment.
  • Engagement with diverse cloud infrastructures and stakeholders.
  • Possibility for career advancement through mentorship and supervision opportunities.
  • Involvement in important cyber governance and risk management practices.
Full Job Description
Job Description

We are seeking a highly skilled Information Systems Security Engineer. This position is on-site in San Diego, CA.

Cybersecurity Engineer
Define, communicate, and implement cybersecurity architecture and administration processes for cloud environments across multiple network domains. Collaborate across our cloud infrastructure delivery team and with stakeholders using an Agile process to ensure design, implementation, verification, and continuous monitoring of cloud solutions across multiple domains. Develop Risk Management Framework (RMF) Body of Evidence artifacts, including system security plans and cybersecurity concept of operations documents operating within Cloud environments in alignment with existing RMF packages. Experience in security focused system design that can be scalable across multiple domains while accounting for security requirements across multiple system architectures. Employs best practices when implementing security controls, secure architecture and design to include software engineering methodologies, security engineering principles, secure design and secure coding techniques along with the control selection, configuration and operation of applicable tools, including static analysis and dynamic analysis together with supporting processes. This includes testing of the system security requirements implementation across infrastructure to ensure security control validation as well as functionality. Support assessment and authorization activities to achieve and maintain Authority to Operate (ATO)s. Responsible for the coordination, generation and oversite of RMF documentation for the successful accreditation of multiple cloud environments including the Cyber Security Strategy and Continuous Monitoring Plans as well as overall program lifecycle RMF requirements to include but not be limited to patch management, supply chain, change and defect management. Mentor and supervise team members, as needed.

Qualifications

Typical Education and Experience:
  • Bachelors and fourteen (14) years or more experience; Masters and twelve (12) years or more experience; PhD or JD and nine (9) years or more experience.
  • Multiple years of experience with developing Risk Management Framework (RMF) products and working through system accreditations to ensure RMF implementation across multiple environments
  • Experience in interfacing with Information System Security Officers (ISSO) and Information System Security Managers (ISSM), including reviewing documentation, systems security plans (SSPs), risk assessment reports, accreditation packages, and Plan of Actions and Milestones (POA&Ms)
  • Experience with providing subject matter expertise in a cyber domain, including vulnerability management and assessment, scanning tools, and assessing system compliance with security controls
  • Experience with reviewing policy, planning compelling evidence documents, and writing test results for NIST 800-53 / JSIG Security Controls and Assessment Procedures
  • Ability to work independently to develop RMF A&A documentation and artifacts to obtain RMF Authority to Operate (ATO)
  • U.S. citizenship and an active TS/SCI clearance


About SAIC

Science Applications International Corporation (SAIC) is a technology integrator in the technical, engineering, intelligence, and enterprise information technology markets. SAIC has approximately 26,000 employees and operates in more than 70 countries. The company was founded in 1969 and is headquartered in Reston, Virginia. SAIC provides services to the U.S. government, including the Department of Defense, the intelligence community, and civilian agencies. The company also serves commercial customers in the healthcare, energy, and financial services sectors.
Learn more about SAIC
Size
26,000 employees
Market Cap
$6 billion
Industry
Net Income
$206 million
Founded
1969
5 Year Trend
+10.7%
Revenue
$6.8 billion
NASDAQ

Similar Jobs

More Jobs at SAIC

More Information Technology Jobs

Find similar Information Systems Security Engineer jobs: