Apply on Employer Site

SAIC · 1 day ago

Vulnerability Analyst

Washington, DC

Full-time

Onsite

Senior Level

$80K/yr - $120K/yr

5+ years exp

SAIC is seeking a skilled Security Engineer with extensive experience in vulnerability remediation at the operating system level across various cloud environments. The role involves ensuring the security and integrity of cloud infrastructure by identifying, assessing, and mitigating vulnerabilities.

Information TechnologySecurityService IndustrySoftware

Work & Life Balance

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Identify and remediate vulnerabilities in cloud infrastructure, with a specific focus on OS-level threats across multiple cloud platforms, including compliance with STIG and CIS benchmarks

Collaborate with the cybersecurity team to conduct regular security assessments, vulnerability scans, and penetration tests to identify potential weaknesses

Contribute to the development and maintenance of security policies, standards, and procedures for cloud infrastructure, working closely with the cybersecurity team

Work with development and operations teams to ensure secure deployment of applications, emphasizing secure configurations and OS-level hardening

Monitor security alerts and logs to detect and respond to potential security incidents across cloud environments

Stay up-to-date with the latest security threats, vulnerabilities, and technology trends relevant to cloud infrastructure and operating systems

Provide guidance and mentorship to junior engineers and team members on best practices for security and vulnerability management in cloud environments

Document security controls, configurations, and processes for audit and compliance purposes, ensuring alignment with organizational standards

Qualification

Vulnerability remediationCloud security frameworksOS-level vulnerabilitiesSecurity tools proficiencyCloud engineering experienceScripting languagesProblem-solving skillsCommunication skillsInterpersonal skills

Required

Bachelor's degree in Computer Science, Information Technology, or a related field and 2 years of relevant experience

Must be a U.S. Citizen with the ability to obtain and maintain a secret clearance

Professional certifications such as AWS Certified Security - Specialty, Azure Security Engineer Associate, Google Professional Cloud Security Engineer, or equivalent

Minimum of 5 years of experience in cloud engineering, with a focus on security and vulnerability management across AWS, Azure, OCI, and GCP

Proven experience in identifying and remediating OS-level vulnerabilities in both Linux and Windows environments with a strong understanding of STIG and CIS compliance requirements

Strong understanding of cloud security frameworks and best practices, including NIST, CIS, and ISO 27001

Proficiency in using security tools such as Nessus Tenable, ORCA Security, AWS Security Hub, Azure Security Center, Google Cloud Security Command Center, and other vulnerability scanning tools

Familiarity with Red Hat Satellite server, WSUS, IBM BigFix or other similar toolsets

Knowledge of scripting languages such as Python, Bash, PowerShell, Ansible for automation of security remediation tasks

Excellent problem-solving skills and the ability to work under pressure in a fast-paced environment

Strong communication and interpersonal skills, with the ability to explain complex security issues to technical and non-technical stakeholders

Must be a US citizen, willing and able to work on-site in Washington, D.C

Excellent interpersonal and communication skills, both written and verbal

Commitment to following stringent security protocols

Well-organized, with a high level of attention to detail and the ability to prioritize tasks