Cyber Engineer Senior
SAIC
- Beltsville, MD
- Permanent
- Full-time
The Senior Systems Security Engineer/SME provides technical leadership, guidance and management oversight for the CIC, especially in the area of Microsoft products and security systems, but also including other enterprise server & desktop operating systems and enterprise applications, in support of over 80,000 customers globally. The Senior Systems Security Engineer/Subject Matter Expert (SME) will:
- Apply sound technical and management principles to identify and remediate cybersecurity vulnerabilities across the State Department global IT enterprise infrastructure.
- Apply organizational and process change principles.
- Provide technical leadership and guidance to security and operational personnel.
- Evaluate system performance results, lead teams in response to incidents/problems, perform risk assessments, and evaluate performance metrics.
- Develop, identify and resolve security vulnerabilities related to deployment and testing processes.
- Streamline and optimize processes and procedures in order to rapidly remediate vulnerabilities from cybersecurity threats.
- Identify and remediate cybersecurity vulnerabilities.
- Provide detailed assessments of potential risks to Microsoft-based systems, including both operating systems and applications, in accordance with NIST SP 800-30 Revision 1.
- Collaborate with Department and external cyber stakeholders on cybersecurity technology implementations to meet specific operational needs.
- Perform technical evaluations of recommended vulnerability mitigation actions and make recommendations based on impact and/or other countermeasures.
- Develop strategies for CIC cyber defense technologies, ensuring integration and alignment for continued operation.
- Perform operation and maintenance activities in support of existing CIC cyber tools and technologies (MSV, Qualys, Tenable Nessus and others).
- Identify, diagnose and prioritize anomalies in cyber defense infrastructure and resources.
- Document, request and maintain ports, protocols and services for CIC infrastructure.
- Perform cybersecurity testing of developed applications and/or systems. Identify and direct the remediation of technical problems encountered during testing and implementation of new systems.
- Develop reports and dashboards and make tuning requests to SIEM system owner(s) in support of enhancing CIC cyber monitoring.
- Perform security reviews and identify security gaps in architecture. Make recommendations based on trend analysis to enhance CIC monitoring and hygiene activities.
- Properly document all systems security implementation, operations, and maintenance activities and update as necessary.
- Bachelor's and ten (10) years or more experience; Master's and seven (7) years or more experience; additional experience may be accepted in lieu of degree.
- Microsoft Operating Systems (OS) engineering and support experience focusing on Active Directory (AD), System Center Configuration Manager (SCCM), System Center Operations Manager (SCOM).
- In-depth experience in planning, implementing, and managing large/global enterprise infrastructures.
- Familiarity with various analytical tools (Splunk, USBDeview, NetWitness, Mimikatz).
- Understanding of Security Information and Event Management (SIEM) tools (Splunk, McAfee).
- Familiarity with OMB, NIST, DHS, and related security guidelines and directives.
- Interpersonal skills including the ability to collaborate effectively, and excellent written and oral communications.
- US Citizenship.
- Active Secret Clearance with the ability to obtain Top Secret Clearance.
- Active Top Secret is preferred.
- Bachelor's degree in a computer science/computer engineering related discipline or equivalent years of experience and expertise.
- Network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
- Server/endpoint OS (Microsoft, Linux, IOS) along with mobile and cloud technologies.
- Cloud application security, Vulnerability Management, and Security Information and Event Management capabilities.
- Knowledge of identity and access management solutions (MFA, PKI, SAML, etc.).
- Countermeasures / mitigations to identified cybersecurity risks.
- Information protection technologies (e.g., firewalls, antivirus, threat protection, servers, routers, and others as appropriate).
- Network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.
- Cyber defense technologies, including but not limited to: Vulnerability Scanning & Management, Endpoint detection and response, threat protection, and network defenses.
- Microsoft Certifications (MCSE, MCSA, MCSD);
- CISSP or CISM;
- IAT/IAM/IASAE level III equivalent.
- ISACA Certified Information Systems Auditor (CISA).
- GIAC Security Expert (GSE).
- SCP Security Certified Network Architect (SCNA).
- ISACA Certified Information Security Manager (CISM).
- Certified Network Defense Architect (CNDA) or Certified Ethical Hacker (CEH).
- Cisco Certified Network Professional (CCNP).