Company: SAIC
Location: REMOTE WORK, GA
Career Level: Mid-Senior Level
Industries: Technology, Software, IT, Electronics

Description

This is a remote position. The work location can be anywhere in the US.

The Cyber Engineer Sr will be a key member of a fast-paced Security Operations Center monitoring and enhancing operations for both Cloud and data center environments. 
 
The position responsibilities include:
⁃       Work across multi-cloud (AWS Commercial, GovCloud, and Azure for Government) and data center environments to extract data from tools such as Splunk or OpenSearch.
⁃       Understanding and familiarity with cloud architectures (e.g., SaaS, PaaS), cloud systems (AWS, Azure), and security solutions.
⁃       Familiarity with common cyber security technical controls and their application to cloud and on-prem systems, such as access control, audit and accountability, configuration management, identification and authentication, system and communication protection, and system and information integrity.
⁃       Understanding of US Government cyber security standards and methodologies including FISMA, the NIST Cyber Security Framework, NIST 800-37 Risk Management Framework, NIST 800-53 Cyber Security Controls, and the Federal Risk and Authorization Management Program (FedRAMP).
⁃       Provide security monitoring and response to alerts across both Cloud and data center environments.
⁃       Responsible for accurately documenting security alerts (both routine and unusual).
⁃       Familiarity with SIEM tools such as Splunk.
⁃       Ability to aggregate various log data sources to assess and triage security incidents.  
⁃       Liaison in an Enterprise environment with security staff and application development teams.
⁃       Identify and collaborate with the team to automate process enhancements of current SOC processes.
⁃       Familiarity with attacker tactics and frameworks such as the MITRE ATT&CK framework.
⁃       Experience with hands-on participation in threat hunting on red and/or blue teams.
⁃       Actively monitor and maintain event and incident tickets.
⁃       Follow the incident response process and be actively involved with actionable improvement recommendations.
⁃       Experience scripting and automating using API calls - Python preferred.
⁃       Works well with peers to build strong relationships with delivery and customer teams across organizational boundaries.
⁃       Current or prior work experience at the Centers for Medicare and Medicaid Services (CMS) and in particular the Office of Information Technology / Infrastructure and User Services Group (OIT / IUSG).
⁃       Desire to learn new skills, new client environments, new tools and new domain expertise quickly and eagerly.
 

Qualifications

⁃       Bachelor's degree and six (6) years or more experience. Four years of experience may be considered in lieu of a degree.
⁃       At least 5 years of cybersecurity experience.
⁃       Experience with SIEM tools (such as Splunk, Snowflake, Panther.io and ELK stacks).
⁃       Experience with SOAR tools (such as Splunk Phantom or Swimlane).
⁃       Adept at scripting automations and data extraction using Python.
⁃       Experience as a prior SOC engineer.
⁃       Have resided in the US at least 3 of the last 5 years with the ability to obtain a public trust clearance.


Target salary range: $120,001 - $160,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
SAIC accepts applications on an ongoing basis and there is no deadline.

Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.

