Description
Who We Are and What We Do:
SAIC Security professionals support a collective of over 24,000 employees extending across 20 countries. Our employees are our core, bolstered by 15,000 clearances, working across numerous classified and unclassified locations. We are the industry's most agile and committed security experts, unwavering in our mission to make our nation and world safer for all. We pride ourselves on cultivating a workplace environment that encourages proactive thinking and fosters strong internal collaborations. Our dedication is deeply rooted in the professional growth of our team through comprehensive upskilling programs, targeted training initiatives, and consistent mentoring opportunities, all designed to nurture a diverse pool of talent. Additionally, we maintain an active presence in the security community, positioning ourselves as visible and influential thought leaders who shape industry standards and best practices.
We empower the future of government by strategically aligning our comprehensive security services with our clients' business objectives. Our offerings encompass a full spectrum of security functions, including business group support, personnel security, information assurance, insider threat, counterintelligence, physical security, crisis management, international security, and more. Our robust internal processes, from security awareness training to internal audits, data analytics and internal proposal support, ensure we maintain an edge in compliance and risk mitigation. We are not just a compliance function; we are enablers of profitable growth, proactive partners to business groups, assessors of risk, inspirers of people, and champions of efficiency and agility. Our approach is holistic: we grow, develop, diversify, and retain talent while leading the industry in the industrial security mission. We are visible thought leaders and proactive educators, committed to executing with precision and speed, underscoring our reputation as a security powerhouse driving the future of government.
If you see yourself as being a part of this culture, we invite you to apply!
Job Description:
The Insider Threat Cyber Detection Engineer will play a pivotal role within Counterintelligence & Threat Management, focusing on the detection, analysis, and mitigation of potential cyber threats within the SAIC network. The ideal candidate will possess a solid understanding of security protocols and cyber threat landscapes, and the technical expertise to develop and implement detection rules and models that identify signs of cyber threats based on multiple indicators, such as malicious behaviors, anomalous activity, and behavioral analytics. The engineer will work closely with the Enterprise Security Operations Center to ensure that potential threats are identified and countered promptly, thus maintaining the integrity and confidentiality of our information systems. Services include analysis and investigation of potential cyber-threat indicators in the furtherance of enterprise protection operations. The successful candidate must have working knowledge of cyber-threat analysis and be able to readily engage in mitigation and decision-making processes as needed. The engineer shall work directly with the Insider Threat Program Senior Official (ITPSO) and Insider Threat Program Manager to utilize threat intelligence to determine the appropriate level(s) of response to an event, and shall coordinate action(s)/response with the Enterprise Security Operations Center when appropriate.
This position is 100% remote; candidates local to the Northern Virginia/DC metro area are preferred.
Job Duties:
- Develop, maintain, fine-tune and continually evaluate detection rules and alerts
- Utilize threat intelligence and anomaly detection to proactively seek out cybersecurity threats
- Analyze security logs and data for anomalies
- Create and maintain documentation for detection processes
- Maintain in-depth understanding of current threat landscape, including threats and vulnerabilities
- Collaborate with incident response team to ensure detected threats are analyzed and mitigated
- Conduct analysis of detection logs to identify concerns that could indicate security threats
- Prepare detailed reports on threat analysis and propose enhancements to threat detection
- Research and recommend new technologies or improvements to enhance threat detection
- Engage in knowledge sharing with other cybersecurity team members and departments to enhance the overall security posture of the organization
Qualifications
Required Education and Qualifications:
- Bachelor's degree and a minimum of six (6) years of directly related experience, or a Master's degree and four (4) years of experience
- Must be willing to be available 24/7 for on-call duties in order to uphold our commitment to continuous operational readiness, which includes providing SAIC a mechanism by which to contact you.
- Strong analytical skills for interpreting cybersecurity data and alerts
- Knowledge of threat intelligence and attack vectors
- Experience with Kibana Query Language
- Familiarity with scripting languages (e.g., Python, PowerShell)
- Experience with incident response and forensics
- Ability to think like an attacker to anticipate threats
- Engage in knowledge sharing with other cybersecurity team members and departments to enhance the overall security posture of the organization
- Experience with User Behavior Analytics platforms and familiarity with conducting operations relating to insider threat and insider threat/security investigations
- Must possess superior writing and briefing skills and publish furnished analysis
- Ability to work independently in a fast-paced, results-driven environment
- Ability to create/present reports on metrics collected throughout all facets of the program
- In-depth knowledge of: SIEM tools, Endpoint Detection and Response (EDR) solutions, Threat intelligence platforms, Log analysis tools, UBA/UEBA tools
- Collaborative Mindset: Ability to work effectively within a team, contributing ideas and supporting colleagues to achieve common goals.
- Conflict Resolution: Proficiency in identifying, addressing, and resolving conflicts within the team in a constructive manner to include having difficult conversations professionally.
- Flexibility and Adaptability: Willingness to adapt to team needs, including taking on various roles and responsibilities as required.
- Supportive Attitude: Demonstrates a supportive and cooperative attitude towards team members, helping to create a positive team environment.
- Cultural Fit: Alignment with the company's values and culture of: Integrity, Innovation and Inclusion.
- Customer Focus: Strong customer focus, ensuring that communication and teamwork efforts are aligned with delivering exceptional service to clients and stakeholders.
- Effective Verbal Communication: Strong verbal communication skills, capable of articulating ideas clearly and effectively to diverse audiences.
- Active Listening: Ability to actively listen to others, understand their perspectives, and respond appropriately.
- Written Communication: Excellent written communication skills, with the ability to produce clear, concise, and accurate documentation and emails.
- Presentation Skills: Experience in delivering presentations and facilitating meetings, ensuring that key points are conveyed clearly and engagingly.
- Feedback Mechanism: Ability to give and receive constructive feedback, helping to improve individual and team performance.
- Leadership Potential: Ability to inspire and motivate others.
- Mentorship: Experience in mentoring or coaching others, contributing to the professional growth and development of team members.
- Emotional Intelligence: High level of emotional intelligence, including self-awareness, empathy, and the ability to manage one's own emotions effectively.
- Problem-Solving Skills: Strong problem-solving abilities, with a focus on identifying root causes and implementing effective solutions.
- Time Management: Excellent time management skills, with the ability to prioritize tasks, manage deadlines, and balance multiple responsibilities.
- Initiative: Proactive in taking initiative, demonstrating a willingness to go above and beyond to achieve team and organizational goals.
- Critical Thinking: Strong critical thinking skills, with the ability to analyze situations, consider various perspectives, and make informed decisions.
- Adaptability: Ability to adapt to changing circumstances and embrace new challenges with a positive attitude.
Desired Qualifications:
- Certified Detection Analyst (GCDA)
- Certified Information Systems Security Professional (CISSP)
- Certified Incident Handler (GCIH)
- Certified Intrusion Analyst (GCIA)
SAIC accepts applications on an ongoing basis and there is no deadline.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.