Description
Description
Security Analyst Experience serving as the security engineer of complex technology implementations in a product-centric environment. Bridges the gap between legacy development or operations teams and working toward a shared culture and vision. Works to ensure that developers create the most secure systems in the world while enhancing the privacy of all system users. Experience with white hat hacking and fundamental computer science concepts strongly desired. Primarily responsible for:
• Performing security audits, risk analysis, application-level vulnerability testing, and security code reviews
• Developing and implementing technical solutions to help mitigate security vulnerabilities
• Conducting research to identify new attack vectors
• Performing security audits, risk analysis, application-level vulnerability testing, and security code reviews
• Developing and implementing technical solutions to help mitigate security vulnerabilities
• Conducting research to identify new attack vectors
• Analyst reviews and provides feedback for all Security Artifacts
• Analyst provides schedule support for security activities
• Analyst leads and coordinates environment scan activities
• Analyst reviews, analyzes and tracks all environment related scan outcomes and support the remediation of low/med/high security findings
• Analyst supports security engineering and compliance transformation efforts as needed
• Analyst supports enterprise continuous diagnostics mitigation (CDM) effort
• Analyst reviews, analyzes and tracks all code related scan outcomes and supports FDT's with remediation of low/med/high security findings
• Analyst provides reporting on the status of code related security findings and the health of the application code base from a pre-launch security perspective
• Analyst supports the Cyber Penetration Test and Code analysis team (PTCA) code submission process for final production code review
• Analyst provides support to further improve the continuous security monitoring of the application code base
• Analyst collaborates with code and environment scan tool owners regarding updates/fixes and identifies tool improvement opportunities
• Analyst supports Cyber security assessment activities as needed
• Analyst supports DevSecOps compliance and engineering activities • Provides support and expertise in maintaining security-based compliance documents as agreed upon by the IRS
Qualifications
- Bachelors and fourteen(14) years or more experience; Masters and twelve (12) years or more experience; PhD or JD and nine (9) years or more experience required.
- Must be a U.S. Citizen with the ability to obtain and maintain a Public Trust clearance.
- Support Cyber security assessment activities
- Perform security audits, risk analysis, application-level vulnerability testing, and security code reviews
- Review and provide feedback to all Security ELC related artifacts
- Provide schedule support for security activities
- Collaborate with code and environment scan tool owners regarding updates/fixes and identifies tool improvement opportunities
- Review, analyze, and track all environment related scan outcomes and support the remediation of low/med/high security findings
- Report on the status of Security post deployment scan items and support the remediation of low/med/high security findings from post deployment scan activities *Report on the status of code related security findings and the health of the application code base from a pre-launch security perspective
- Support the Cyber Penetration Test and Code analysis team (PTCA)'s code submission process for final production code review
- Support DevSecOps compliance and engineering activities
- Develop and implement technical solutions to help mitigate security vulnerabilities
- Conduct research to identify new attack vectors *Lead and coordinate environment scan activities
- Support enterprise continuous diagnostics mitigation (CDM) effort
Target salary range: $120,001 - $160,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
SAIC accepts applications on an ongoing basis and there is no deadline.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.
Apply on company website
Find Connections via Linkedin
