S
Cyber Engineer
Accepting applicationsSAIC · Suffolk, VA
Full-Time Mid AIaiateddrrf
Posted
2d ago
Category
Test
Experience
Mid
Country
United States
Job ID 2612410
Location Suffolk, VA, US
Date Posted 2026-05-11
Category Cyber
Subcategory Cyber Engineer
Schedule Full-Time
Shift Day Job
Travel Yes - 10% of the time
Minimum Clearance Required Interim_Top_Secret
Clearance Level Must Be Able to Obtain None
Potential for Remote Work ORA_REMOTE
Description
SAIC is looking for an Information Systems Security Engineer with experience in US Navy IT networks. Work can be performed remotely.
Job Duties
Perform ACAS scan of non-production NXP environment to confirm and validate existing vulnerabilities
Obtain minor software and patch updates from vendors or repositories such as Windows Server Update Services (WSUS) to prepare and deploy patches/minor software upgrades to non-production NXP environment to remediate vulnerabilities and comply with urgent cybersecurity requirements (IAVAs, IAVBs, CTOs, EXORDs, OPORDs, etc.)
Perform ACAS scan of non-production NXP environment to confirm patches/updates deployed addressed vulnerabilities/findings on target devices and appliances
Follow Enterprise CM process to document and capture requirement(s) for patch/minor software upgrade
Follow Enterprise CM process to update (or generate if required) service/solution documentation and/or models (as applicable)
Follow SOP/approved documentation to prep/package and stage patches or minor updates tested in non-production environment for production deployment by NNWC NXP Operations & Sustainment team
Ensure Information Assurance Vulnerability Alert Management (IAVM), Communications Task Orders (CTOs), STIG compliance and reporting
Maintain compliance with IAVM mandated timeframes associated with the network
Identify cyber security requirements prior to customer migration
Perform DADMS and DITPR-DON adds and renewals
Maintain security compliance for network applications and software. This includes responding to all IAVMs, EXORS, OPORDs, and CTOs for infrastructure and tracking of patches in an enterprise environment
Maintain compliance with IAVM mandated timeframes associated with the infrastructure
Providing support to respond to cyber security and system Data Calls
Provide Vulnerability Remediation Asset Manager (VRAM), data to ensure compliance to technical directives and mitigate against known vulnerabilities
Provide updates to DISA Ports protocols services management (PPSM) as required for system accreditation
Create, attain, manage, and maintain Assessment and Authorization (A&A) packages under RMF for common control provider and information system owner packages. A common control provider is responsible for common controls (i.e., security controls inherited by information systems)
Create and maintain packages in eMASS
Assist government team leads when required with the creation of RMF required documentation (External Connection requirements, IT Interconnection Agreements, Security Memorandums of Agreement, Security Memorandums of Record, Risk Assessments, Vulnerability Analysis, POAMs and IAVM program support and guidance)
Track all new STIG releases along with their deltas and participate in STIG implementation
Assist government team leads when required with reporting on Audit Readiness capability in accordance with DISA and Navy customer scoring cards
Support the development for a process for maintaining and enforcing security for the infrastructure
Assist government team leads when required with IAVM requirements reporting
Support security/IA requirements definition by identifying security controls to be put in place for systems and networks. Recommend processes for maintaining and enforcing security/Information Assurance for identified systems, networks and systems in support of security engineering. Document the A&A requirements and processes in support of security engineering
Execute security scans in compliance with DoD/DoN standard timeframes for infrastructure and customer systems
Assist government team leads when required with reporting on customer hosted systems accreditation status
Provide vulnerability assessment scans to the government team leads upon request
Evaluate, recommend, integrate and implement innovative and automated continuous monitoring capabilities in support of RMF and Cyber Security compliance
Qualifications
Required Experience and Education
Bachelor’s degree with two or more years’ experience supporting an IT Enterprise environment in a cyber, system administration, engineering or management capacity
Requires experience with US Navy’s Risk Management Framework (RMF) to include at least two years performing Navy A&A responsibilities including policy implementation, control testing, POA&M management, and Configuration Management
Experience using MS office tools such as Excel, Word and Visio; working with DoD tools such as eMASS and DADMS; working with security engineers to review compliance scans; and performing cybersecurity assessments using standards such as CIS Benchmarks, DISA STIGS, etc.
Broad technical experience related to IT operations, networks, OS's, and system administration
Knowledge base in Information Security / Information Assurance / Cybersecurity analysis supporting systems, networks, applications, and cross-domain solutions
CISSP or equivalent certification
Required Clearance
Must have a Top Secret clearance
Show more Show less
Location Suffolk, VA, US
Date Posted 2026-05-11
Category Cyber
Subcategory Cyber Engineer
Schedule Full-Time
Shift Day Job
Travel Yes - 10% of the time
Minimum Clearance Required Interim_Top_Secret
Clearance Level Must Be Able to Obtain None
Potential for Remote Work ORA_REMOTE
Description
SAIC is looking for an Information Systems Security Engineer with experience in US Navy IT networks. Work can be performed remotely.
Job Duties
Perform ACAS scan of non-production NXP environment to confirm and validate existing vulnerabilities
Obtain minor software and patch updates from vendors or repositories such as Windows Server Update Services (WSUS) to prepare and deploy patches/minor software upgrades to non-production NXP environment to remediate vulnerabilities and comply with urgent cybersecurity requirements (IAVAs, IAVBs, CTOs, EXORDs, OPORDs, etc.)
Perform ACAS scan of non-production NXP environment to confirm patches/updates deployed addressed vulnerabilities/findings on target devices and appliances
Follow Enterprise CM process to document and capture requirement(s) for patch/minor software upgrade
Follow Enterprise CM process to update (or generate if required) service/solution documentation and/or models (as applicable)
Follow SOP/approved documentation to prep/package and stage patches or minor updates tested in non-production environment for production deployment by NNWC NXP Operations & Sustainment team
Ensure Information Assurance Vulnerability Alert Management (IAVM), Communications Task Orders (CTOs), STIG compliance and reporting
Maintain compliance with IAVM mandated timeframes associated with the network
Identify cyber security requirements prior to customer migration
Perform DADMS and DITPR-DON adds and renewals
Maintain security compliance for network applications and software. This includes responding to all IAVMs, EXORS, OPORDs, and CTOs for infrastructure and tracking of patches in an enterprise environment
Maintain compliance with IAVM mandated timeframes associated with the infrastructure
Providing support to respond to cyber security and system Data Calls
Provide Vulnerability Remediation Asset Manager (VRAM), data to ensure compliance to technical directives and mitigate against known vulnerabilities
Provide updates to DISA Ports protocols services management (PPSM) as required for system accreditation
Create, attain, manage, and maintain Assessment and Authorization (A&A) packages under RMF for common control provider and information system owner packages. A common control provider is responsible for common controls (i.e., security controls inherited by information systems)
Create and maintain packages in eMASS
Assist government team leads when required with the creation of RMF required documentation (External Connection requirements, IT Interconnection Agreements, Security Memorandums of Agreement, Security Memorandums of Record, Risk Assessments, Vulnerability Analysis, POAMs and IAVM program support and guidance)
Track all new STIG releases along with their deltas and participate in STIG implementation
Assist government team leads when required with reporting on Audit Readiness capability in accordance with DISA and Navy customer scoring cards
Support the development for a process for maintaining and enforcing security for the infrastructure
Assist government team leads when required with IAVM requirements reporting
Support security/IA requirements definition by identifying security controls to be put in place for systems and networks. Recommend processes for maintaining and enforcing security/Information Assurance for identified systems, networks and systems in support of security engineering. Document the A&A requirements and processes in support of security engineering
Execute security scans in compliance with DoD/DoN standard timeframes for infrastructure and customer systems
Assist government team leads when required with reporting on customer hosted systems accreditation status
Provide vulnerability assessment scans to the government team leads upon request
Evaluate, recommend, integrate and implement innovative and automated continuous monitoring capabilities in support of RMF and Cyber Security compliance
Qualifications
Required Experience and Education
Bachelor’s degree with two or more years’ experience supporting an IT Enterprise environment in a cyber, system administration, engineering or management capacity
Requires experience with US Navy’s Risk Management Framework (RMF) to include at least two years performing Navy A&A responsibilities including policy implementation, control testing, POA&M management, and Configuration Management
Experience using MS office tools such as Excel, Word and Visio; working with DoD tools such as eMASS and DADMS; working with security engineers to review compliance scans; and performing cybersecurity assessments using standards such as CIS Benchmarks, DISA STIGS, etc.
Broad technical experience related to IT operations, networks, OS's, and system administration
Knowledge base in Information Security / Information Assurance / Cybersecurity analysis supporting systems, networks, applications, and cross-domain solutions
CISSP or equivalent certification
Required Clearance
Must have a Top Secret clearance
Show more Show less