Senior Security Engineer Job Listing at SAIC in Washington, DC (Job ID 2511685)

Description

Description

We are seeking a skilled Security Engineer with extensive experience in vulnerability remediation at the operating system (OS) level to join our IT team on-site in Washington, D.C. The ideal candidate will be responsible for ensuring the security and integrity of our cloud infrastructure by identifying, assessing, and mitigating vulnerabilities. This role requires a deep understanding of cloud services, operating system vulnerabilities, and best practices for securing cloud environments that are hosting a variety for MS Windows, and Linux (Red hat, Ubuntu, Amazon) operating systems. 

Key Responsibilities: 

• Identify and remediate vulnerabilities in cloud infrastructure, with a specific focus on OS-level threats across multiple cloud platforms, including compliance with STIG and CIS benchmarks. 
• Collaborate with the cybersecurity team to conduct regular security assessments, vulnerability scans, and penetration tests to identify potential weaknesses. 
• Contribute to the development and maintenance of security policies, standards, and procedures for cloud infrastructure, working closely with the cybersecurity team. 
• Work with development and operations teams to ensure secure deployment of applications, emphasizing secure configurations and OS-level hardening. 
• Monitor security alerts and logs to detect and respond to potential security incidents across cloud environments. 
• Stay up-to-date with the latest security threats, vulnerabilities, and technology trends relevant to cloud infrastructure and operating systems. 
• Provide guidance and mentorship to junior engineers and team members on best practices for security and vulnerability management in cloud environments. 
• Document security controls, configurations, and processes for audit and compliance purposes, ensuring alignment with organizational standards. 
• Collaborate in maintaining the continuous monitoring strategy; assist in the observation and analysis of detected threats and/or compliance violations.

Qualifications

Qualifications: 

• Bachelor's degree in Computer Science, Information Technology, or a related field with a minimum of 10 years of experience. 
• Proven experience in identifying and remediating OS-level vulnerabilities in both Linux and Windows environments with a strong understanding of STIG and CIS compliance requirements. 
• Strong understanding of cloud security frameworks and best practices, including NIST, CIS, and ISO 27001. 
• Proficiency in using security tools such as Nessus Tenable, ORCA Security, AWS Security Hub, Azure Security Center, Google Cloud Security Command Center, and other vulnerability scanning tools. 
• Familiarity with Red Hat Satellite server, WSUS, IBM BigFix or other similar toolsets. 
• Knowledge of scripting languages such as Python, Bash, PowerShell, Ansible for automation of security remediation tasks. 
• Excellent problem-solving skills and the ability to work under pressure in a fast-paced environment. 
• Strong communication and interpersonal skills, with the ability to explain complex security issues to technical and non-technical stakeholders. 

Additional Requirements: 

• Must be a US citizen, willing and able to work on-site in Washington, D.C. 
• Excellent interpersonal and communication skills, both written and verbal. 
• Commitment to following stringent security protocols. 
• Well-organized, with a high level of attention to detail and the ability to prioritize tasks.

Target salary range: $160,001 - $200,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.

 Apply on company website