Jobs · Engineering · California

Cyber Engineer Principal

SAIC · San Diego, CA · 5 days ago
Engineering$160k–$200k/yrFull-time

Cybersecurity Engineer

SAIC is seeking a Senior Cybersecurity Engineer to support strategic communications programs within the Department of Defense (DoD).

Job Duties

  • Cybersecurity Compliance and RMF Activities
  • Propose, coordinate, implement, and enforce all DoD/DoN cybersecurity policies, standards, and methodologies for the operational environment (OE), software applications, and government test tools.
  • Perform risk assessments in support of RMF lifecycle activities and implement continuous monitoring plans to sustain ATO.
  • Aid with annual security reviews, re-authorizations, and compliance with ATO stipulations.
  • Vulnerability Management and Mitigation
  • Conduct vulnerability assessments using tools such as ACAS, SCAP, and other automated tools to ensure compliance with DISA Security Technical Implementation Guides (STIGs).
  • Develop and update cybersecurity baselines, including monthly security patching, system lockdowns, and configuration updates.
  • Conduct independent cybersecurity scans and audits to verify the security posture of systems before and after new configurations are implemented.
  • Baseline Development and Testing
  • Develop Cybersecurity Baseline Test Plans (CSBTP) and Cybersecurity Baseline Test Reports (CSBTR) to document critical patching activities and ensure tested functionality.
  • Identify and mitigate security vulnerabilities or programming flaws that could be exploited to compromise system integrity or availability.
  • Support the development of test plans and associated documentation (CDRLs) for delivery to Configuration Management (CM) managers and stakeholders.
  • Stakeholder Collaboration
  • Collaborate with CS teams to resolve findings and integrate RMF requirements throughout the system lifecycle.
  • Provide technical leadership to other cyber staff, ensuring cohesive execution of cybersecurity efforts and compliance with emerging DoD directives.
  • Prepare and deliver documentation—including monthly vulnerability scan reports, risk mitigation strategies, and policy updates—to government stakeholders to achieve mission milestones.
  • Process Improvement and Innovation
  • Identify and refine cybersecurity processes to ensure sustainment of the OE, software applications, supporting tools, and infrastructure.
  • Enhance early detection mechanisms by incorporating automated benchmarks and efficient review processes for baseline updates.
  • Develop innovative solutions for emerging cybersecurity requirements within DoD/DoN frameworks.

Qualifications

  • Clearance: Must have an Active Secret Clearance to start. Must be able to obtain a Top Secret Clearance after start.
  • Citizenship: U.S. Citizen
  • Education and Experience:
    • Bachelor's degree and nine (9) years or more experience; Masters and seven (7) years or more experience; PhD or JD and four (4) years or more related experience.
    • Nine (9) years or more experience in Information Assurance, Cybersecurity Engineering, or a related discipline.
    • Five (5) years or more hands-on experience designing, implementing, or supporting hardened IT systems in classified or high-security environments.
    • Extensive Knowledge of RMF and ATO processes, including experience in creating, reviewing, and managing RMF documentation (SSPs, POA&Ms, Security Assessment Plans).
    • Experience with DoD vulnerability scanning tools (e.g., ACAS, Nessus, SCAP) and compliance with DoD standards, such as DISA STIGs.
    • Strong understanding of security baselining, secure configuration management, and continuous monitoring practices.
    • Strong scripting/programming skills (Python, Bash, PowerShell, C/C++).
    • Experience with hardware security modules (HSM), TPM, and PKI implementation.
    • Familiarity with virtualization/containers in secure contexts (VMware ESXi, Hyper-V, Docker with hardened builds).
    • Proven experience in resolving critical security vulnerabilities and supporting accreditation/re-accreditation activities.
    • Certifications: IAM Level II or III certification in accordance with DoD 8570.01-M (e.g., CISSP, CAP, or CISM).

Desired Skills:

  • Hands-on experience with NIWC Pacific or Navy organizations.
  • Familiarity with National Information Assurance Partnership (NIAP) and Common Criteria technologies.
  • Expertise in drafting and implementing Security Technical Implementation Guides (STIGs) for custom applications.
  • Experience working with Configuration Management (CM) teams to manage software artifact delivery.
  • Strong analytical and communication skills to interact with multidisciplinary teams and senior leadership effectively.

Target salary range: $160,001 - $200,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.

Similar jobs