Apply on Employer Site

SAIC · 2 hours ago

Cloud Cybersecurity Engineer

Alexandria, VA

Full-time

Hybrid

Senior Level

5+ years exp

SAIC is seeking an experienced Cloud Cybersecurity Engineer with expertise in IL4, IL5, and IL6 cloud environments. The role involves obtaining and maintaining ATO certifications, conducting compliance reviews, and managing cybersecurity incidents while ensuring security operations are enhanced through automation.

Information TechnologySecurityService IndustrySoftware

Work & Life Balance

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Perform tasks required to obtain and maintain ATO certifications for systems operating in IL4, IL5, and IL6 cloud environments

Develop and maintain System Security Packages (SSPs), including conducting Control Assessments and compliance reviews

Evaluate and remediate findings related to cyber frameworks, such as FISMA, NIST 800-53

Assist with POA&M development and ensure that all remediation efforts are completed to meet timelines

Conduct and support STIG hardening, compliance verification, and implementation

Perform SAST (Static Application Security Testing) using tools such as SonarQube and ensure timely remediation of code vulnerabilities

Conduct DAST (Dynamic Application Security Testing) using tools like Burp Suite, addressing identified vulnerabilities

Oversee routine vulnerability scanning, using tools such as ACAS, and ensure all findings are remediated per organizational SLAs

Design and deploy cybersecurity automation solutions to streamline processes such as vulnerability management, compliance, and monitoring

Lead the implementation of automated dashboards and metrics tools that provide continuous visibility into security posture

Partner with cross-functional teams to ensure tools and platforms are properly configured for secure automation workflows

Manage enterprise-wide vulnerability management processes, including routine scans, prioritized remediation, and reporting

Respond to and manage cybersecurity incidents, implementing response procedures to mitigate and resolve issues in a timely manner

Act as the primary point of contact for incident tracking, forensics, and reporting to leadership and stakeholders

Generate detailed reports and actionable insights on vulnerability management, scanning results (code and infrastructure), POA&M statuses, and system readiness metrics

Maintain and present dashboards that communicate key cybersecurity metrics to technical teams and executive stakeholders

Qualification

IL4IL5IL6 environmentsAuthority to Operate (ATO)STIG implementationSAST/DAST scanningVulnerability managementIncident responseCybersecurity automationCybersecurity certificationsCompliance reviews

Required

Bachelors and five (5) years or more experience; Masters and three (3) years or more experience; PhD and zero (0) years related experience; four (4) years of experience considered in lieu of degree

Proven hands-on experience working with IL4, IL5, and IL6 environments and securing cloud environments (e.g., Azure, AWS)

Strong technical expertise in STIG implementation, SAST/DAST scanning and remediation, and vulnerability scans for both code and operating systems

Demonstrated success in obtaining and maintaining ATO within government frameworks

Prior experience in incident response and vulnerability lifecycle management

Candidate must have an active Secret clearance