SAIC
Information Security Analyst
SAIC, Beltsville, Maryland, United States, 20705
Description
SAIC is seeking a highly motivated Information Security Analyst. The successful candidate will provide support to the Cybersecurity Integrity Center (CIC) in the Department of State Bureau of Information Resource Management (IRM). Duties are in the Washington, D.C. metropolitan area (30% in downtown D.C.; 70% in Beltsville, MD). The CIC supports cybersecurity monitoring, threat analysis, incident response, and infrastructure remediation within and across all of the State Department’s information technology (IT) infrastructure. The CIC coordinates and collaborates with other State Department bureaus as well as other organizations within the Federal Government, and commercial partners. Work is performed in a 24x7x365 operation.
The current shift is Mon-Fri 6am - 230pm. Onsite Monday and Thursday.
Description of Duties:
The Analyst provides Cybersecurity remediation through outreach to system owners and system administrators for the CIC, especially in Microsoft products and security systems, but also including other enterprise server & desktop operating systems enterprise applications, and in support of over 80,000 customers globally. The Cyber Security Analyst will:
Apply sound technical and management principles to identify and remediate cybersecurity --vulnerabilities across the State Department global IT enterprise infrastructure
Apply organizational and process change principals
Provide technical leadership and guidance to security and operational personnel
Evaluate system performance results, lead teams in response to incidents/problems, perform risk assessments, and evaluate performance metrics
Responsibilities include:
Develop, Identify, and resolve security vulnerabilities related to deployment and testing processes
Streamline and optimize processes and procedures to rapidly remediate vulnerabilities from cybersecurity threats
Collaborate with Department and external cyber stakeholders on cybersecurity technology implementations to meet specific operational needs.
Perform technical evaluations of recommended vulnerability mitigation actions and make recommendations based on impact and/or other countermeasures.
Develop strategies for CIC cyber defense technologies, ensuring integration and alignment for continued operation.
Develop policies and procedures.
Identify, diagnose, and prioritize anomalies in cyber defense infrastructure and resources.
Document, request and maintain ports, protocols, and services for CIC infrastructure
Perform cybersecurity testing of developed applications and/or systems. Identify and direct the remediation of technical problems encountered during testing and implementation of new systems.
Develop reports and dashboards and make tuning request to SIEM system owner(s) in support of enhancing cyber monitoring.
Perform security reviews and identify security gaps in architecture. Make recommendations based on trend analysis to enhance monitoring and hygiene activities.
Properly document all systems security implementation, operations, and maintenance activities and update as necessary.
Qualifications
Required Education & Experience:
Bachelors and nine (9) years or more experience; Masters and seven (7) years or more experience ; may accept additional experience in lieu of degree.
Experience reviewing breach notification rule policies and procedures. Reviews policies and procedures related to physical, administrative, and technical safeguards.
Experience providing compliance reports and participating in regular compliance meetings to discuss issues and mitigation strategies.
In-depth experience in planning, implementing, and managing large/global enterprise infrastructures
Knowledge of Cloud application security, Vulnerability Management and Security Information, and Event Management capabilities.
Understanding of Security Information and Event Management (SIEM) tools (Splunk, McAfee).
Familiarity with OMB, NIST, DHS, and related security guidelines and directives.
Interpersonal skills including the ability to collaborate effectively, and excellent written and oral communications.
Ability to communicate IT, networking, and security concepts to personnel at all levels of experience and responsibility.
Clearance Required:
US Citizenship.
Active secret clearance with the ability to obtain Top Secret Clearance.
Desired Education, Skills, & Experience:
Bachelor’s degree in a computer science/computer engineering related discipline or equivalent years of experience and expertise.
8+ years Microsoft Operating Systems (OS) engineering and support experience focusing on Active Directory (AD), System Center Configuration Manager (SCCM), System Center Operations Manager (SCOM).
2+ years extensive experience in penetration testing.
Familiarity of various analytical tools (Splunk, USBDeview, Netwitness, MimiKatz).
Security Assessment Plan (SAP).
Familiarity of Security Assessment Report (SAR), Security Assessment Results Table/RTM (Appendix in SAR).
Network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
Server/endpoint OS (Microsoft, Linux, IOS) along with mobile and cloud technologies.
Knowledge of identity and access management solutions (MFA, PKI, SAML, etc.).
Countermeasures / mitigations to identified cybersecurity risks.
Information protection technologies (e.g., firewalls, antivirus, threat protection, servers, routers, and others as appropriate).
Network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.
Desired Certifications
GIAC Penetration Tester (GPEN) certification.
Microsoft Certifications (MCSE, MCSA, MCSD).
CISSP or CISM.
IAT/IAM/IASAE level III equivalent.
ISACA Certified Information Systems Auditor (CISA).
GIAC Security Expert (GSE).
SCP Security Certified Network Architect (SCNA).
ISACA Certified Information Security Manager (CISM).
Cisco Certified Network Associated (CCNA).
Certified Ethical Hacker (CEH).
SAIC accepts applications on an ongoing basis and there is no deadline.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site. REQNUMBER: 2412253
SAIC is a premier technology integrator, solving our nation's most complex modernization and systems engineering challenges across the defense, space, federal civilian, and intelligence markets. Our robust portfolio of offerings includes high-end solutions in systems engineering and integration; enterprise IT, including cloud services; cyber; software; advanced analytics and simulation; and training. We are a team of 23,000 strong driven by mission, united purpose, and inspired by opportunity. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $6.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see Working at SAIC. EOE AA M/F/Vet/Disability
SAIC is seeking a highly motivated Information Security Analyst. The successful candidate will provide support to the Cybersecurity Integrity Center (CIC) in the Department of State Bureau of Information Resource Management (IRM). Duties are in the Washington, D.C. metropolitan area (30% in downtown D.C.; 70% in Beltsville, MD). The CIC supports cybersecurity monitoring, threat analysis, incident response, and infrastructure remediation within and across all of the State Department’s information technology (IT) infrastructure. The CIC coordinates and collaborates with other State Department bureaus as well as other organizations within the Federal Government, and commercial partners. Work is performed in a 24x7x365 operation.
The current shift is Mon-Fri 6am - 230pm. Onsite Monday and Thursday.
Description of Duties:
The Analyst provides Cybersecurity remediation through outreach to system owners and system administrators for the CIC, especially in Microsoft products and security systems, but also including other enterprise server & desktop operating systems enterprise applications, and in support of over 80,000 customers globally. The Cyber Security Analyst will:
Apply sound technical and management principles to identify and remediate cybersecurity --vulnerabilities across the State Department global IT enterprise infrastructure
Apply organizational and process change principals
Provide technical leadership and guidance to security and operational personnel
Evaluate system performance results, lead teams in response to incidents/problems, perform risk assessments, and evaluate performance metrics
Responsibilities include:
Develop, Identify, and resolve security vulnerabilities related to deployment and testing processes
Streamline and optimize processes and procedures to rapidly remediate vulnerabilities from cybersecurity threats
Collaborate with Department and external cyber stakeholders on cybersecurity technology implementations to meet specific operational needs.
Perform technical evaluations of recommended vulnerability mitigation actions and make recommendations based on impact and/or other countermeasures.
Develop strategies for CIC cyber defense technologies, ensuring integration and alignment for continued operation.
Develop policies and procedures.
Identify, diagnose, and prioritize anomalies in cyber defense infrastructure and resources.
Document, request and maintain ports, protocols, and services for CIC infrastructure
Perform cybersecurity testing of developed applications and/or systems. Identify and direct the remediation of technical problems encountered during testing and implementation of new systems.
Develop reports and dashboards and make tuning request to SIEM system owner(s) in support of enhancing cyber monitoring.
Perform security reviews and identify security gaps in architecture. Make recommendations based on trend analysis to enhance monitoring and hygiene activities.
Properly document all systems security implementation, operations, and maintenance activities and update as necessary.
Qualifications
Required Education & Experience:
Bachelors and nine (9) years or more experience; Masters and seven (7) years or more experience ; may accept additional experience in lieu of degree.
Experience reviewing breach notification rule policies and procedures. Reviews policies and procedures related to physical, administrative, and technical safeguards.
Experience providing compliance reports and participating in regular compliance meetings to discuss issues and mitigation strategies.
In-depth experience in planning, implementing, and managing large/global enterprise infrastructures
Knowledge of Cloud application security, Vulnerability Management and Security Information, and Event Management capabilities.
Understanding of Security Information and Event Management (SIEM) tools (Splunk, McAfee).
Familiarity with OMB, NIST, DHS, and related security guidelines and directives.
Interpersonal skills including the ability to collaborate effectively, and excellent written and oral communications.
Ability to communicate IT, networking, and security concepts to personnel at all levels of experience and responsibility.
Clearance Required:
US Citizenship.
Active secret clearance with the ability to obtain Top Secret Clearance.
Desired Education, Skills, & Experience:
Bachelor’s degree in a computer science/computer engineering related discipline or equivalent years of experience and expertise.
8+ years Microsoft Operating Systems (OS) engineering and support experience focusing on Active Directory (AD), System Center Configuration Manager (SCCM), System Center Operations Manager (SCOM).
2+ years extensive experience in penetration testing.
Familiarity of various analytical tools (Splunk, USBDeview, Netwitness, MimiKatz).
Security Assessment Plan (SAP).
Familiarity of Security Assessment Report (SAR), Security Assessment Results Table/RTM (Appendix in SAR).
Network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
Server/endpoint OS (Microsoft, Linux, IOS) along with mobile and cloud technologies.
Knowledge of identity and access management solutions (MFA, PKI, SAML, etc.).
Countermeasures / mitigations to identified cybersecurity risks.
Information protection technologies (e.g., firewalls, antivirus, threat protection, servers, routers, and others as appropriate).
Network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.
Desired Certifications
GIAC Penetration Tester (GPEN) certification.
Microsoft Certifications (MCSE, MCSA, MCSD).
CISSP or CISM.
IAT/IAM/IASAE level III equivalent.
ISACA Certified Information Systems Auditor (CISA).
GIAC Security Expert (GSE).
SCP Security Certified Network Architect (SCNA).
ISACA Certified Information Security Manager (CISM).
Cisco Certified Network Associated (CCNA).
Certified Ethical Hacker (CEH).
SAIC accepts applications on an ongoing basis and there is no deadline.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site. REQNUMBER: 2412253
SAIC is a premier technology integrator, solving our nation's most complex modernization and systems engineering challenges across the defense, space, federal civilian, and intelligence markets. Our robust portfolio of offerings includes high-end solutions in systems engineering and integration; enterprise IT, including cloud services; cyber; software; advanced analytics and simulation; and training. We are a team of 23,000 strong driven by mission, united purpose, and inspired by opportunity. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $6.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see Working at SAIC. EOE AA M/F/Vet/Disability