Description

SAIC is seeking a Cybersecurity Cloud Analyst to perform the following key roles and responsibilities:

• Provide artifacts or screenshots to assist prepare the AWS Cloud ATO/ATU package, and process/maintain ATU ongoing monitoring activities. Assist ISSO to ensure all controls remain in place and address any deficits.

• Perform Log Aggregation and Monitoring within AWS. Responsible for all logs and monitoring of the AWS cloud for operational purposes.

• Manage user access and security controls.

• Provide support for identify access management, identity solution for issuing user credentials for role-based access permissions.

• Provide integration support services for cloud security stacks and CASB solutions.

• Perform and management of security group lists and firewall rules for the subnets aligning to security policy and approved network designs.

• Monitor logs and analyzing them for security incidents or performance issues.

• Provide support for and monitor VPCs, NACLs, NSGs, and DNS services.

• Create dashboards that provide visibility into the system status and security posture.

• Set up email notification to notify personnel of important events or issues.

• Ensure log retention is in line with policy requirements. Integrating or feeding these logs into Splunk, or similar systems, for centralized log analysis and management.

• Provide audit access to any FIPS 199 Moderate, or higher data encrypted at rest and in motion in the commercial cloud at an Event Logging (EL) maturity level of EL3.

• Forward all required logging data, in near real-time and on an automated basis, to centralized systems responsible for security, information, and event monitoring Security Event and Incident Management (SEIM) e.g., SPLUNK; bulk storage; and other analytical workflows or services.

• Data Calls - Respond to requests for information (data calls), Create and maintain Standard Operating Procedures (SOPs), the System Security Plan (SSP), and the Information System Contingency Plan (ISCP), Address Plan of Actions and Milestones (POAMs) and vulnerabilities associated with the AWS Cloud infrastructure.

• Proficient at interpreting scan results from various vulnerability and compliance tools such as MicroFocus Fortify SCA and WebInspect, Tenable Nessus and TIO, Prisma Cloud, SonarQube.

Qualifications

Required Qualifications:

• Bachelors
• US Citizen with ability to obtain a Public Trust (rigorous background investigation)
• AWS Cloud Security
• FedRAMP
• ATO (Authorization to Operate)
• Remediate POAMs
• Security scans
• Provide compliance support for FedRAMP and NIST SP 800-53
• Current AWS Professional or Security Specialty certification
• CompTIA Security+ (or equivalent DoD Approved Baseline Certification for IAT Level II)
• Minimum of 3 years of hands-on experience with Cloud technologies at the Administrator/Root access level

Desired Skills:

• Proficiency using both the AWS Management Console and the AWS Command Line Interface (CLI)

• Working knowledge of AWS security services and features of services to provide a secure production environment and an understanding of security operations and risks.

• Knowledge of the AWS shared responsibility model and its application; security controls for workloads on AWS; logging and monitoring strategies; cloud security threat models; patch management and security automation; ways to enhance AWS security services with third-party.

• Experience with DevSecOps CI/CD pipelines, principles, and practices.

Nice to Have:

• Delivering solutions using Agile methodologies

• AWS associate level or higher certifications

• Excellent writing skills

• Excellent oral communication and presentation skills

Target salary range: $115,001 - $125,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.

SAIC accepts applications on an ongoing basis and there is no deadline.

Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.