Apply on Employer Site

SAIC · 11 hours ago

Senior Cybersecurity Specialist

Arlington, VA

Full-time

Onsite

Senior Level

5+ years exp

SAIC is seeking a Senior Cybersecurity Specialist to join our team in Arlington, VA. The role involves developing and optimizing cybersecurity solutions, overseeing analyst teams, and conducting forensic investigations to ensure the security of the network.

Information TechnologySecurityService IndustrySoftware

Work & Life Balance

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Develop and optimize Splunk Security Information and Event Management (SIEM) data collection solutions to detect, track, and audit various system logging data for timely response to adverse actions on the network

Employ Tenable Nessus and DISA STIG/SCAP tools to generate tailored threat reports for senior management and information system engineers to facilitate effective remediation of identified vulnerabilities

Oversee analyst team, providing timely detection, identification, and alerting of possible attacks/intrusions and distinguishing the incidents and events from benign activities

Deploy and maintain Elastic Stack (ELK) suite of tools to provide 24/7 threat detection and incident response

Perform forensic investigations on host and network systems, determining scope, urgence, and impact of suspected events and makes recommendations that enable timely remediation

Integrate MITRE ATT&CK framework with Threat Intelligence data to identify and assess risks and threats, and recommend updates to enterprise security protocols

Develop, maintain, and implement Tactic, Techniques & Procedure (TTP) documents, incident response playbooks, and risk mitigation documentation

Provide mentorship and training to junior security analysts and provide security awareness training to various cross-functional organizations

Qualification

Splunk SIEMTenable NessusElastic Stack (ELK)Forensic investigationsMITRE ATT&CK framework

Required

Bachelors degree and five (5) years' experience; Four (4) years' experience can be considered in lieu of degree

Must possess an active TS/SCI; US Citizenship required

Proficiency in developing, optimizing, and managing Security Information and Event Management (SIEM) solutions using Splunk to effectively detect, track, and audit system logging data for network security

Experience with Tenable Nessus and DISA STIG/SCAP tools for generating tailored threat reports, identifying network vulnerabilities, and supporting remediation efforts

Strong ability to oversee and support an analyst team in timely detection, identification, and alerting of potential attacks or intrusions, while distinguishing legitimate events from malicious activity

Knowledge of deploying and maintaining the Elastic Stack (ELK) suite of tools for 24/7 threat detection, monitoring, and incident response

Proficiency in conducting forensic investigations (host and network) and integrating the MITRE ATT&CK framework with threat intelligence to assess risks, recommend protocol updates, and produce security documentation (e.g., TTPs, playbooks)