• Senior Security Engineer

    SAIC (Washington, DC)


    Description

    We are seeking a skilled Security Engineer with extensive experience in vulnerability remediation at the operating system (OS) level to join our IT team on-site in Washington, D.C. The ideal candidate will be responsible for ensuring the security and integrity of our cloud infrastructure by identifying, assessing, and mitigating vulnerabilities. This role requires a deep understanding of cloud services, operating system vulnerabilities, and best practices for securing cloud environments that are hosting a variety for MS Windows, and Linux (Red hat, Ubuntu, Amazon) operating systems.

    Key Responsibilities:

    + Identify and remediate vulnerabilities in cloud infrastructure, with a specific focus on OS-level threats across multiple cloud platforms, including compliance with STIG and CIS benchmarks.

    + Collaborate with the cybersecurity team to conduct regular security assessments, vulnerability scans, and penetration tests to identify potential weaknesses.

    + Contribute to the development and maintenance of security policies, standards, and procedures for cloud infrastructure, working closely with the cybersecurity team.

    + Work with development and operations teams to ensure secure deployment of applications, emphasizing secure configurations and OS-level hardening.

    + Monitor security alerts and logs to detect and respond to potential security incidents across cloud environments.

    + Stay up-to-date with the latest security threats, vulnerabilities, and technology trends relevant to cloud infrastructure and operating systems.

    + Provide guidance and mentorship to junior engineers and team members on best practices for security and vulnerability management in cloud environments.

    + Document security controls, configurations, and processes for audit and compliance purposes, ensuring alignment with organizational standards.

    + Collaborate in maintaining the continuous monitoring strategy; assist in the observation and analysis of detected threats and/or compliance violations.

    Qualifications

    Qualifications:

    + Bachelor's degree in Computer Science, Information Technology, or a related field with a minimum of 10 years of experience.

    + Proven experience in identifying and remediating OS-level vulnerabilities in both Linux and Windows environments with a strong understanding of STIG and CIS compliance requirements.

    + Strong understanding of cloud security frameworks and best practices, including NIST, CIS, and ISO 27001.

    + Proficiency in using security tools such as Nessus Tenable, ORCA Security, AWS Security Hub, Azure Security Center, Google Cloud Security Command Center, and other vulnerability scanning tools.

    + Familiarity with Red Hat Satellite server, WSUS, IBM BigFix or other similar toolsets.

    + Knowledge of scripting languages such as Python, Bash, PowerShell, Ansible for automation of security remediation tasks.

    + Excellent problem-solving skills and the ability to work under pressure in a fast-paced environment.

    + Strong communication and interpersonal skills, with the ability to explain complex security issues to technical and non-technical stakeholders.

    Additional Requirements:

    + Must be a US citizen, willing and able to work on-site in Washington, D.C.

    + Excellent interpersonal and communication skills, both written and verbal.

    + Commitment to following stringent security protocols.

    + Well-organized, with a high level of attention to detail and the ability to prioritize tasks.

     

    Target salary range: $160,001 - $200,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.

    REQNUMBER: 2511685

    SAIC is a premier technology integrator, solving our nation's most complex modernization and systems engineering challenges across the defense, space, federal civilian, and intelligence markets. Our robust portfolio of offerings includes high-end solutions in systems engineering and integration; enterprise IT, including cloud services; cyber; software; advanced analytics and simulation; and training. We are a team of 23,000 strong driven by mission, united purpose, and inspired by opportunity. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $6.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see Working at SAIC. EOE AA M/F/Vet/Disability