Job Description

SAIC is seeking a Senior Security Engineer to support the Portsmouth Naval Shipyard (PNSY) Information Technology Programs for the Dept of the Navy. This initiative leverages advanced technologies and integrates critical defense systems to optimize ship maintenance through IT applications, systems, and training, ensuring sustained mission success in naval ship maintenance operations.

Work is performed on site in Kittery, ME.

Role:

Architects, plans, configures, deploys, maintains, and upgrades COTS/GOTS and custom toolsets to address vulnerabilities and/or implement security controls. Applies a combination of expert engineering knowledge of enterprise IT and security solutions to design, develop and/or implement solutions to ensure they are consistent with enterprise architecture security policies and support full spectrum military cyberspace operations. Designs, tests, and implements secure operating systems, networks, security monitoring, tuning and management of IT security systems and applications, incident response, digital forensics, loss prevention, and eDiscovery actions. Includes security control design and solution planning at the system, mission, and enterprise level, security-in-depth/defense-in-depth, and other related IAM/ISSO/ISSE support functions. Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access. Researches and evaluates cyber capabilities and new security tools and products against operational requirements and introduces them to the enterprise in alignment with IT security strategy, and to support the offensive and defensive capability design and troubleshoot and problem solve technical and non-technical issues. At the Leadership level, this is senior technical staff dedicated to transforming customer environments into a more secure operating environment in a holistic manner.

Responsibilities:

• Provide recommendations for the development of formal policies and procedures to facilitate the protection of Government sensitive unclassified and classified information and the security of the various PSNS and IMF information systems and networks.
• Review PNSY, NAVSEA, DoD, and DoN policies, procedures, and guidelines and shall provide recommendations to support the creation and updating of appropriate policy documents for implementation.
• Assist appropriate Government personnel in determining IA requirements, aid in the development of policies and procedures for implementation and provide support in implementing these mechanisms and processes.
• Support Planning, Analysis, Reporting, and Inspections.
• Support Policy development, Training, Records Management, Cybersecurity Workforce (CSWF) management, Programs, Accounts, Spills.
• Support RMF activities.
• Support security Scans, Vulnerability Management (VM), Incident Response, o Host-Based Security Systems (HBSS), Security Information Event Management (SIEM), and NNPP.

Qualifications

EDUCATION: Bachelor's degree in Computer Networks & Cybersecurity (or related field of study) or additional years of experience considered in lieu of degree

REQUIRED EXPERTISE:

• Ten (10+) years of experience in Information Technology, Cybersecurity, and network security, specializing in system administration, risk management, and incident response.
• Skilled in designing, implementing, and managing secure infrastructure solutions, as well as conducting vulnerability assessments using tools such as Splunk, Kibana, Qualys, and Tenable.
• Extensive background in administering and securing networks, including configuring firewalls, endpoint protection policies, and troubleshooting complex system and network issues.
• Extensive background in storage architecture, including NetApp and Pure Storage.
• Proficient in compliance and risk management tasks, ensuring adherence to RMF, STIGs, and DoD cybersecurity standards.
• Expertise in vulnerability scanning with ACAS and Nessus, as well as coordinating system patches and updates.

REQUIRED CERTIFICATION:

• Must be DoD 8570 compliant in one or more of the following: CompTIA CASP+CE, Security+CE, Network+CE, CYSA+, GCIH, GIAC , or CEH

REQUIRED CLEARANCE:

• Active Secret clearance

NICE TO HAVE/DESRIED:

• Certified in AWS, AWS CCP, EC-Council, or Scrum