Today
Secret
Unspecified
Unspecified
IT - Security
Arlington, VA (On-Site/Office)
Description
SAIC is seeking an experienced and proactive expert to join our distinguished Information Assurance/Information Security (InfoSec) team. The ideal candidate will exemplify a results-driven attitude and possess the expertise to oversee and manage multiple complex systems efficiently. This candidate must have a Secret Clearance and be able to get a TS/SCI. Candidates must sit on site in our Arlington VA Location.
Job Responsibilities:
Qualifications
•
Skills:
Desired Experience:
SAIC is seeking an experienced and proactive expert to join our distinguished Information Assurance/Information Security (InfoSec) team. The ideal candidate will exemplify a results-driven attitude and possess the expertise to oversee and manage multiple complex systems efficiently. This candidate must have a Secret Clearance and be able to get a TS/SCI. Candidates must sit on site in our Arlington VA Location.
Job Responsibilities:
- Proactive Problem Solving and Support: Provide expert solutions to complex issues faced by team members and proactively address potential roadblocks.
- Team Collaboration and Communication: Facilitate and lead discussions with team members, ensuring clear and effective communication of plans and strategies.
- Continuous Monitoring and Auditing: Lead and oversee continuous monitoring efforts, perform comprehensive system audits, and provide advanced risk management insights.
- Risk and Compliance Advisory: Offer strategic advisory services on compliance frameworks and develop guidelines for security tools and processes based on industry best practices.
- Process Improvement and Documentation: Lead efforts to refine, document, and optimize security processes and procedures, with a focus on efficiency and effectiveness.
- Project and Task Management: Manage complex projects and tasks using tools like Azure DevOps (ADO), ensuring timely and successful completion.
- Technical Leadership: Provide strategic direction and leadership for security projects, ensuring compliance with policies and alignment with organizational goals.
- Security Incident Management: Act as the primary responder for high-severity security incidents, conducting thorough investigations and implementing robust corrective measures.
- Vulnerability Management: Lead efforts to identify, assess, and mitigate vulnerabilities in information systems, ensuring proactive security posture.
- Access Control Management: Oversee and manage the entire lifecycle of user access controls, ensuring robust authorization and authentication mechanisms are in place.
- System Security Engineering: Lead the design and implementation of secure systems and architectures, ensuring alignment with security best practices.
- Compliance Audits Preparation: Lead the preparation for and facilitation of external and internal compliance audits, ensuring readiness and adherence to standards.
- Policy Development: Develop, update and enforce comprehensive information security policies and procedures, ensuring alignment with organization and regulatory requirements.
- Training and Awareness: Design, develop, and conduct advanced security training and awareness programs for staff, fostering a culture of security within the organization.
- Threat Intelligence: Lead the monitoring, collection and comprehensive analysis of threat intelligence from multiple, diverse sources. Develop and update risk assessment frameworks to integrate advanced threat intelligence insights.
Qualifications
•
- Bachelor's degree and five (5) years of related experience, or Master's degree and 3 years' experience.
- Active Secret clearance, with the ability to obtain TS/SCI clearance.
- DoD 8570/8140 IAM Level III certification (CISSP, CISM, CCISO)
- Extensive experience and deep knowledge of DCSA and DAAPM.
- Advanced working knowledge of Risk Management Framework (RMF) and substantial experience creating and overseeing RMF System Security Plans in eMASS.
- In-depth familiarity with NISPOM, NIST 800-53, and ICD 503.
- Advanced experience with security assessment tools such as SCAP Compliance Checker, STIG Viewer, and ACAS/Nessus.
- Expert proficiency in Windows (10/11) and Windows Server (2018/2022) operating systems.
- Thorough understanding of Windows integration into Microsoft Active Directory, PKI, and Group Policies.
- Comprehensive knowledge of Host-Based Security Systems (HBSS).
- Extensive experience with DISA security policies, including STIGs and IAVA.
Skills:
- Exemplary interpersonal and communication skills with the ability to lead and influence stakeholders at all levels.
- Proven ability to operate autonomously and lead complex security projects or functions.
- Strategic vision and capability to ensure a thorough and proactive security posture across the organization.
Desired Experience:
- Advanced experience in implementing security controls for both Windows and Linux Operating Systems.
- Significant experience with the operation and maintenance of a government SIPRNet system.
- Proven ability to adopt a holistic approach to security, ensuring overall security posture and contributing to team success.
group id: 10111346
