This job is closed
We regret to inform you that the job you were interested in has been closed. Although this specific position is no longer available, we encourage you to continue exploring other opportunities on our job board.
About the position
SAIC is seeking a Senior Cybersecurity Specialist to provide cybersecurity services for a major state and local government customer in Texas. This role involves being a technical leader in incident response and assisting with SIEM administration and engineering. The specialist will be responsible for incident response, including preparation, detection, response, mitigation, reporting, recovery, and remediation of cybersecurity events. The position requires maintaining the internal SOC playbook and participating in a 24x7x365 security operations team.
Responsibilities
- Drive progress on incident ticket resolution, including identifying root causes, containing ongoing threats, and directing partner technical service providers.
- Coach, guide, and mentor junior SOC analysts.
- Collect, analyze, produce, and disseminate Cyber Threat Intelligence (CTI).
- Assist SIEM engineering with data ingestion, dashboard development, and correlation rule tuning.
- Provide analysis and reporting of security events and investigations.
- Coordinate with peer technical teams in a multi-vendor environment.
- Perform Advanced Threat Hunting using automated tools and manual hypothesis-based activities.
- Conduct Digital Forensic acquisition and analysis.
- Log security incidents in the ITSM ticketing system and manage incidents throughout their lifecycle.
- Support routine and ad-hoc reporting and investigation requests.
Requirements
- Bachelor's degree in Cybersecurity, Information Systems, Computer Science, or a relevant field plus relevant experience.
- Excellent oral and written communication skills, particularly in leading Security Incident Response Team calls.
- Familiarity with syslog-based logging server-side configurations.
- Experience with Microsoft Office (Outlook, Word, PowerPoint).
- Obtain the Cybersecurity First Responder certification within 180 days of employment.
- U.S. Citizenship and ability to pass an annual criminal justice background check.
Nice-to-haves
- Experience with ITIL, ITIL Foundation or higher certification.
- Unix/Linux and/or Windows System Administration experience.
- Familiarity with syslog-based logging client-side configurations.
- Experience with Microsoft Sentinel, Log Analytics, and similar technologies; Microsoft Azure or security-related certifications preferred.
- Experience with EnCase Digital Forensics/Investigator and Endpoint Security solutions; EnCE certification preferred.
- ISC2, SANS/GIAC, and other industry-recognized cybersecurity certifications preferred.
- Familiarity with Cyber Threat Intelligence (CTI) programs and indicators of attack.
- Experience with cloud security concepts in AWS, Azure, GCP, and/or OCI environments.
Benefits
- On-the-job training of the customer operating environment and service provider tools.
- Strong teamwork-based environment for collaboration and support.
- Flexible work schedule with on-call coverage requirements.
