Cyber Engineer

Job ID: 2612136

Location: Suffolk, VA, US

Date Posted: 2026-05-04

Category: Cyber

Subcategory: Cyber Engineer

Schedule: Full-Time

Shift: Day Job

Travel: Yes - 10% of the time

Minimum Clearance Required: Top_Secret

Clearance Level Must Be Able to Obtain: TS/SCI

Potential for Remote Work: ORA_ON_SITE

Description

SAIC is looking for an Information Systems Security Engineer with experience in US Navy IT networks. Work will be performed at the Navy customer's site in Suffolk, VA.

Job Duties

- Perform ACAS scan of non-production NXP environment to confirm and validate existing vulnerabilities

- Obtain minor software and patch updates from vendors or repositories such as Windows Server Update Services (WSUS) to prepare and deploy patches/minor software upgrades to non-production NXP environment to remediate vulnerabilities and comply with urgent cybersecurity requirements (IAVAs, IAVBs, CTOs, EXORDs, OPORDs, etc.)

- Perform ACAS scan of non-production NXP environment to confirm patches/updates deployed addressed vulnerabilities/findings on target devices and appliances

- Follow Enterprise CM process to document and capture requirement(s) for patch/minor software upgrade

- Follow Enterprise CM process to update (or generate if required) service/solution documentation and/or models (as applicable)

- Follow SOP/approved documentation to prep/package and stage patches or minor updates tested in non-production environment for production deployment by NNWC NXP Operations & Sustainment team

- Ensure Information Assurance Vulnerability Alert Management (IAVM), Communications Task Orders (CTOs), STIG compliance and reporting.

- Maintain compliance with IAVM mandated timeframes associated with the network.

- Identify cyber security requirements prior to customer migration.

- Perform DADMS and DITPR-DON adds and renewals.

- Maintain security compliance for network applications and software. This includes responding to all IAVMs, EXORS, OPORDs, and CTOs for infrastructure and tracking of patches in an enterprise environment.

- Maintain compliance with IAVM mandated timeframes associated with the infrastructure.

- Providing support to respond to cyber security and system Data Calls.

- Provide Vulnerability Remediation Asset Manager (VRAM), data to ensure compliance to technical directives and mitigate against known vulnerabilities.

- Provide updates to DISA Ports protocols services management (PPSM) as required for system accreditation

- Create, attain, manage, and maintain Assessment and Authorization (A&A) packages under RMF for common control provider and information system owner packages. A common control provider is responsible for common controls (i.e., security controls inherited by information systems).

- Create and maintain packages in eMASS

- Assist government team leads when required with the creation of RMF required documentation (External Connection requirements, IT Interconnection Agreements, Security Memorandums of Agreement, Security Memorandums of Record, Risk Assessments, Vulnerability Analysis, POAMs and IAVM program support and guidance).

- Track all new STIG releases along with their deltas and participate in STIG implementation.

- Assist government team leads when required with reporting on Audit Readiness capability in accordance with DISA and Navy customer scoring cards.

- Support the development for a process for maintaining and enforcing security for the infrastructure.

- Assist government team leads when required with IAVM requirements reporting.

- Support security/IA requirements definition by identifying security controls to be put in place for systems and networks. Recommend processes for maintaining and enforcing security/Information Assurance for identified systems, networks and systems in support of security engineering. Document the A&A requirements and processes in support of security engineering.

- Execute security scans in compliance with DoD/DoN standard timeframes for infrastructure and customer systems.

- Assist government team leads when required with reporting on customer hosted systems accreditation status.

- Provide vulnerability assessment scans to the government team leads upon request.

- Evaluate, recommend, integrate and implement innovative and automated continuous monitoring capabilities in support of RMF and Cyber Security compliance.

Qualifications

Required Experience and Education:

- Bachelor's degree with two or more years' experience supporting an IT Enterprise environment in a cyber, system administration, engineering or management capacity.

- Requires experience with US Navy's Risk Management Framework (RMF) to include at least two years performing Navy A&A responsibilities including policy implementation, control testing, POA&M management, and Configuration Management.

- Experience using MS office tools such as Excel, Word and Visio; working with DoD tools such as eMASS and DADMS; working with security engineers to review compliance scans; and performing cybersecurity assessments using standards such as CIS Benchmarks, DISA STIGS, etc.

- Broad technical experience related to IT operations, networks, OS's, and system administration.

- Knowledge base in Information Security / Information Assurance / Cybersecurity analysis supporting systems, networks, applications, and cross-domain solutions.

- CISSP or equivalent certification

Required Clearance:

Must have a Top Secret clearance with the ability to obtain a TS/SCI

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

---

• Dice Id: 10111346
• Position Id: 2612136
• Posted 1 day ago