"Alerted.org

Description

SAIC is seeking a **Senior Cybersecurity Specialist** to join our team in **Arlington, VA.**

Responsibilities

+ Develop and optimize Splunk Security Information and Event Management (SIEM) data collection solutions to detect, track, and audit various system logging data for timely response to adverse actions on the network

+ Employ Tenable Nessus and DISA STIG/SCAP tools to generate tailored threat reports for senior management and information system engineers to facilitate effective remediation of identified vulnerabilities

+ Oversee analyst team, providing timely detection, identification, and alerting of possible attacks/intrusions and distinguishing the incidents and events from benign activities

+ Deploy and maintain Elastic Stack (ELK) suite of tools to provide 24/7 threat detection and incident response

+ Perform forensic investigations on host and network systems, determining scope, urgence, and impact of suspected events and makes recommendations that enable timely remediation

+ Integrate MITRE ATT&CK framework with Threat Intelligence data to identify and assess risks and threats, and recommend updates to enterprise security protocols

+ Develop, maintain, and implement Tactic, Techniques & Procedure (TTP) documents, incident response playbooks, and risk mitigation documentation

+ Provide mentorship and training to junior security analysts and provide security awareness training to various cross-functional organizations

Qualifications

Education Requirements:

+ Bachelors degree and five (5) years' experience; Four (4) years' experience can be considered in lieu of degree.

Clearance Requirements:

+ Must possess an active TS/SCI; US Citizenship required.

Required Skills:

+ Proficiency in developing, optimizing, and managing Security Information and Event Management (SIEM) solutions using Splunk to effectively detect, track, and audit system logging data for network security.

+ Experience with Tenable Nessus and DISA STIG/SCAP tools for generating tailored threat reports, identifying network vulnerabilities, and supporting remediation efforts.

+ Strong ability to oversee and support an analyst team in timely detection, identification, and alerting of potential attacks or intrusions, while distinguishing legitimate events from malicious activity.

+ Knowledge of deploying and maintaining the Elastic Stack (ELK) suite of tools for 24/7 threat detection, monitoring, and incident response.

+ Proficiency in conducting forensic investigations (host and network) and integrating the MITRE ATT&CK framework with threat intelligence to assess risks, recommend protocol updates, and produce security documentation (e.g., TTPs, playbooks).

REQNUMBER: 2600374

SAIC is a premier technology integrator, solving our nation's most complex modernization and systems engineering challenges across the defense, space, federal civilian, and intelligence markets. Our robust portfolio of offerings includes high-end solutions in systems engineering and integration; enterprise IT, including cloud services; cyber; software; advanced analytics and simulation; and training. We are a team of 23,000 strong driven by mission, united purpose, and inspired by opportunity. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $6.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see Working at SAIC. EOE AA M/F/Vet/Disability