Senior Information Systems Security Engineer - ISSE Job Listing at SAIC in Suffolk, VA (Job ID 2502780)

Description

Description

SAIC is looking for a Senior Information Systems Security Engineer with experience in US Navy IT networks to support the sustained operation and maintenance of a newly deployed US Navy enterprise transport network, ensuring 24/7/365 availability and reliability. The position will support end-to-end network, system, and element visibility; facilitate rapid operations, administration, maintenance, and provisioning to maintaining the operational integrity of a mission-critical network, requiring both technical expertise and a commitment to excellence in service delivery.

Work will be performed at the Navy customer's site in Suffolk, VA.

Job is contingent on award of funding in April 2025.

Job Duties:

• Ensure Information Assurance Vulnerability Alert Management (IAVM), Communications Task Orders (CTOs), STIG compliance and reporting.
• Maintain compliance with IAVM mandated timeframes associated with the network.
• Identify cyber security requirements prior to customer migration.
• Perform DADMS and DITPR-DON adds and renewals.
• Maintain security compliance for network applications and software. This includes responding to all IAVMs, EXORS, OPORDs, and CTOs for infrastructure and tracking of patches in an enterprise environment.
• Maintain compliance with IAVM mandated timeframes associated with the infrastructure.
• Providing support to respond to cyber security and system Data Calls.
• Provide Vulnerability Remediation Asset Manager (VRAM), data to ensure compliance to technical directives and mitigate against known vulnerabilities.
• Provide updates to DISA Ports protocols services management (PPSM) as required for system accreditation.
• Create, attain, manage, and maintain Assessment and Authorization (A&A) packages under RMF for common control provider and information system owner packages. A common control provider is responsible for common controls (i.e., security controls inherited by information systems).
• Create and maintain packages in eMASS.
• Assist government team leads when required with the creation of RMF required documentation (External Connection requirements, IT Interconnection Agreements, Security Memorandums of Agreement, Security Memorandums of Record, Risk Assessments, Vulnerability Analysis, POAMs and IAVM program support and guidance).
• Track all new STIG releases along with their deltas and participate in STIG implementation.
• Assist government team leads when required with reporting on Audit Readiness capability in accordance with DISA and Navy customer scoring cards.
• Support the development for a process for maintaining and enforcing security for the infrastructure.
• Assist government team leads when required with IAVM requirements reporting.
• Support security/IA requirements definition by identifying security controls to be put in place for systems and networks. Recommend processes for maintaining and enforcing security/Information Assurance for identified systems, networks and systems in support of security engineering. Document the A&A requirements and processes in support of security engineering.
• Execute security scans in compliance with DoD/DoN standard timeframes for infrastructure and customer systems.
• Assist government team leads when required with reporting on customer hosted systems accreditation status.
• Provide vulnerability assessment scans to the government team leads upon request.
• Evaluate, recommend, integrate and implement innovative and automated continuous monitoring capabilities in support of RMF and Cyber Security compliance.

Qualifications

Required Education and Years of Experience:

• Bachelors degree with five (5) or more years' experience supporting an IT Enterprise environment in a cyber, system administration, engineering or management capacity.
  • 4 years of additional experience can be considered in lieu of degree

Required Security Clearance:

• Active Security Secret.

Required Skills and Experience:

• Requires experience with US Navy's Risk Management Framework (RMF) to include at least four years performing Navy A&A responsibilities including policy development, control testing, POA&M management, and Configuration Management.
• Experience using MS office tools such as Excel, Word and Visio; working with DoD tools such as eMASS and DADMS; working with security engineers to review compliance scans; and performing cybersecurity assessments using standards such as CIS Benchmarks, DISA STIGS, etc.
• Broad technical experience related to IT operations, networks, OS's, and system administration.
• Extensive knowledge base in Information Security / Information Assurance / Cybersecurity analysis supporting systems, networks, applications, and cross-domain solutions.

Required Certifications:

• CISSP or equivalent certification

SAIC accepts applications on an ongoing basis and there is no deadline.

Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.

 Apply on company website