Description
Description
SAIC is seeking a Cyber Security Cloud Engineer for the Cloud One program under the Air Force Lifecycle Management Center Office for Network Integration (AFLCMC/HNI). The Cloud One Common Computing Environment is an existing global, interconnected, virtualized, hybrid, and IT infrastructure hosting mission systems, applications, services, and data that will serve the U.S. Air Force (USAF) and U.S. Army (USA). Cloud One incorporates the capabilities of commercial cloud and Managed Service Providers (MSP) residing in Cloud Service Providers (CSPs). Cloud One facilitates the USAF and USA's efforts to migrate applications to a cloud environment, allowing the closure of data centers to support the Data Center Optimization Initiative (DCOI) and allowing for increased efficiencies across the entire spectrum of the USAF and USA's IT operations. The candidate for this position will work primarily with impact level 6 (IL6) information and need to be in the local vicinity of Hanscom AFB or Gunter AFB. Other locations with access to an IL6 facility could be acceptable.
Job Responsibilities:
- Architects, plans, configures, deploys, maintains, and upgrades COTS/GOTS and custom toolsets to address vulnerabilities and/or implement security controls. Applies a combination of expert engineering knowledge of enterprise IT and security solutions to design, develop and/or implement solutions to ensure they are consistent with enterprise architecture security policies and support full spectrum military cyberspace operations.
- Designs, tests, and implements secure operating systems, networks, security monitoring, tuning and management of IT security systems and applications, incident response, digital forensics, loss prevention, and eDiscovery actions. Includes security control design and solution planning at the system, mission, and enterprise level, security-in-depth/defense-in-depth, and other related IAM/ISSO/ISSE support functions. Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access.
- Researches and evaluates cyber capabilities and new security tools and products against operational requirements and introduces them to the enterprise in alignment with IT security strategy, and to support the offensive and defensive capability design and troubleshoot and problem solve technical and non-technical issues. At the Leadership level this is senior technical staff dedicated to transforming customer environments into a more secure operating environment in a holistic manner.
- Develops technical solutions to complex problems which require the regular use of ingenuity and creativity.
- Guides the successful completion of major programs.
- Represents organization as prime technical contact on contracts and projects. Interacts with senior external personnel on significant technical matters often requiring coordination between organizations.
- Assists in assessing the data Impact Level (IL) of migrating applications in accordance with the DoD Cloud Computing Security Requirements Guide (SRG).
- Provides automated application of DoD-hardened STIG for platforms and application configurations.
- Works with the government to implement and evolve phased ATO process for the environment using A&A automation and maximize the use of inheritance/reciprocity.
- Develops approaches to support strong authentication and multi-factor authentication to implement data access authorization based on user identity.
- Implements and provides a method of verification of the applicable DISA STIG, SRGs, and best practices.
- Configures and implements Azure cloud-native security tools and services.
- Provides and implements timely remediation recommendations for audit findings.
- Supports POA&M reviews and recommendations.
- Supports Code Review Security Vulnerabilities Remediation.
- Supports the updates to Risk Management Framework Artifacts.
- Creates a Microsoft Visio based topology diagram template.
Qualifications
Required Clearance:
- Interim Secret clearance required to start; Ability to obtain a Secret clearance (or higher) required to maintain employment.
- US Citizenship required.
Required Certifications:
- Security+.
- CAP, CASP, CISM, or CISSP.
Required Education/Experience:
- Bachelor's and five (5) years experience in an IT related discipline (preferred).
- Master's and three (3) years experience.
- Additional years of experience accepted in lieu of degree.
Required Qualifications:
- Knowledge of DoD Policies and procedures including DoD 8500.01 and DoD 8510.01.
- Experience with Risk Management Framework (RMF) and updating of security artifacts.
- Experience with compliance verification methods including DISA STIG, SRGs, and best practices
- Experience with DevSecOps.
- Knowledge of the DoD suite of security tools including ACAS, STIG Viewer, Endpoint Security, etc.
- Knowledge of cloud environments provided by Azure.
- Working knowledge of Microsoft Office Suite including Microsoft Visio.
Desired Qualifications:
- Knowledge of DESMF.
- (ISC)2 CISSP, CompTIA CASP, or other cybersecurity certification preferred.
- Experience with Agile, Scrum, SAFe or other modern software development methods/practices.
- Experience supporting USAF or USA software development projects.
- Experience supporting software migration efforts.
SAIC accepts applications on an ongoing basis and there is no deadline.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.
Apply on company website