Cyber Security Project Engineer Job Listing at SAIC in Chantilly, VA (Job ID 2511490)

Description

Description

SAIC is seeking a Cyber Security Project Engineer to support a diverse set of corporate goals across the organization by conducting technical risk assessments and providing technical risk mitigation guidance on the use of various enabling technologies.

This position is located in Chantilly, VA and requires an active TS/SCI clearance with Polygraph.

Job responsibilities include, but are not limited to: 

• Perform technical risk assessments and provide technical risk mitigation guidance on the use of various enabling technologies. 
• Gather Body of Evidence (BOE) and assess artifacts, such as CONOPS, use cases, detailed network diagrams, technical design details, procurement methods, and System Security Plan (SSP) to get a holistic view of the interworking parts of a given technology implementation being evaluated, from which real insights can be derived to inform risk assessor's judgement. 
• Apply consistent and systematic investigative practices to comprehensively assess risks, identify and characterize threats and vulnerabilities. 
• Evaluate system or network operations using network management platforms, network scanning tools, auditing functions, PCAP captures, and log reviews. 
• Analyze system, network, or cloud configurations for mis-configured settings, configurations not required for deployment, removal of test scripts to minimize the configuration to fulfill the specific deployment. 
• Analyze hardware and software used in a system or network for origin of manufacturer, known vulnerabilities, outdated hardware or software. 
• Remain current with existing and future technologies to assist with identifying associated risks of implementing proposed technologies. 
• Provide guidance of potential cyber threats, attacks, and exploitations and advise decision-makers of the inherent risks and mitigation. 
• Ensure appropriate risk mitigation considerations are baked in early in the development cycle, and risks and vulnerabilities are well understood and appropriately mitigated.  Organize and schedule work to effectively manage a case load 
• Track, document, and communicate progress status updates and weekly status updates on all technical risk assessment reports, cases describing potential security concerns and mitigations to enhance security posture.

Qualifications

• Active TS/SCI with polygraph.
• Bachelors and 14 years or more experience; Masters 12 years or more experience.
• Demonstrated experience analyzing IT systems for cyber security vulnerabilities. 
• Demonstrated experience developing IT system or network architecture design, conducting IP data flow analysis, encryption configuration, and vulnerability analysis using both open-source and commercial tools, such as Nmap, Wireshark, Metasploit, Canvas, Kismet, or BackTrack. 
• Experience analyzing IT network configurations of devices such as firewalls, routers, switches, VPNs, or Intrusion Detection/Prevention Systems for cyber security vulnerabilities. 
• Experience with communications protocols such as IP, TCP, UDP, HTTP, HTTPS, MPLS, OSPF, IGRP, BGP, SIP, H.232. 
• Ability to work in multiple OS's, including Windows, Linux, and OSX. 
• Experience with cloud computing technology and hypervisors such as HyperV, VMWare ESX, or Virtual Box. 
• Ability to transition security domains and use of cross domain appliances. 
• Knowledge ofnetwork management systems, network storage, backup systems, and disaster recovery (DR) architectures. 
• Ability to perform technical risk assessments and providing technical risk mitigation guidance. 
  Knowledge of appropriate risk mitigation considerations. 
• Experience analyzing procurement processes of hardware, software and services to comply with cyber security and operational needs.
• Ability to create concise and well-structured written assessments. 
• Certifications: CISSP Certification.