Security and Monitoring Lead

Job ID: 2403840

Location: WASHINGTON, DC, US

Date Posted: 2024-03-22

Category: Cyber

Subcategory: Cybersecurity Spec

Schedule: Full-time

Shift: Day Job

Travel: No

Minimum Clearance Required: None

Clearance Level Must Be Able to Obtain: Public Trust

Potential for Remote Work: No

Description

The Security & Monitoring Lead serves as the Information Systems Security Manager (ISSM) for all projects, initiatives, and applications developed under the contract. This role is responsible for developing and implementing security processes, ensuring compliance with relevant regulations and policies, overseeing Information System Security Officers (ISSOs), managing security incidents, and maintaining robust security measures for both infrastructure and applications.

This opportunity is contingent upon award.

Responsibilities and Duties:

• Policy Compliance: Develop and operate information systems in compliance with GAO policies and procedures.
• Security Process Development: Develop and implement security processes to ensure compliance with the Federal Information Systems Security Management Act (FISMA) and other relevant policies, guidelines, and procedures.
• Security Policy Implementation: Implement GAO's security policy and technical requirements for system design and operations; provide preliminary information security advice and recommendations.
• Security Requirements Engineering: Develop information security requirements and engineering solutions for new systems, review system security plans, and make improvement recommendations.
• ISSO Oversight: Oversee Information System Security Officers (ISSOs) under the contract, providing oversight in developing security guidelines and ensuring compliance with federal requirements.
• SASE and Zero Trust Implementation: Experience with SASE and Zero Trust implementations and managing those environments.
• Stakeholder Collaboration: Maintain productive working relationships with ISTS Chief Information Security Officer and other ISTS leaders to share information and recommendations regarding security threats, incidents, or other security matters.
• Monitoring and Security Management: Manage all monitoring and security work required to assess performance, collaborate on goal setting, and provide feedback on personal development.
• Information Security Standards: Implement and maintain Information Security standards and best practices.
• Incident Handling: Develop and execute procedures for handling security incidents, outages, and escalations, coordinating with internal teams and external contractors to minimize downtime and impact on business operations.

Qualifications

• Bachelor's degree in computer science, Information Technology, or a related field and nine (9) years of or more of total experience, or seven (7) and a Masters, or four (4) and a PhD
• Minimum of 5 years' experience in the cybersecurity field and/or Enterprise Monitoring.
• Certified Information Systems Security Professional (CISSP) certification (or equivalent).
• Proven experience in cloud and infrastructure management, application support, or related roles.
• Strong understanding of IT best practices.
• Excellent leadership, communication, and interpersonal skills.
• Must be able to obtain Public Trust clearance

SAIC accepts applications on an ongoing basis and there is no deadline.

Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.