Cyber Network Defense (CND) Auditor

Description

SAIC is seeking a skilled and motivated Cyber Network Defense (CND) Auditor to join our team in support of an on-premises enterprise IT environment. This role is part of a subcontract supporting a critical customer, with responsibilities that include assessing the security integrity of enterprise IT infrastructure, identifying risks, ensuring compliance with established cybersecurity standards, and performing assessments of systems and networks to identify deviations from acceptable configurations or policies. The candidate will evaluate incident response procedures, exploit system and network vulnerabilities, and facilitate proactive defense measures to enable operations and intelligence collection capabilities. This opportunity involves working within a complex environment of virtualized Windows and Linux servers, SQL Server databases, Oracle databases, and comprehensive networking layers, supporting mission-critical systems and infrastructure to defend sensitive assets. 

All work must be performed on-site in Springfield, VA. 

Key Responsibilities: 

• Assess and audit systems and networks to identify deviations from acceptable configurations, enclave policies, or local policies. 

• Evaluate incident response procedures and capabilities to ensure readiness for detecting, responding to, and mitigating cyber threats. 

• Exploit system and network vulnerabilities and misconfigurations for gathering data from target systems or adversary networks to enable operations and intelligence collection capabilities. 

• Leverage computer networks to disrupt, deny, degrade, or destroy information resident in computers and networks or the computer systems themselves. 

• Identify, evaluate, and report cybersecurity vulnerabilities and recommend actionable mitigations. 

• Review and validate system configurations, changes, and security controls for compliance and effectiveness. 

• Provide monitoring and analysis to detect signs of exploitation, unauthorized activity, or abnormal patterns. 

• Maintain detailed audit documentation including risk assessments, compliance verification, and remediation plans. 

• Collaborate with stakeholders such as Systems Administrators, Network Engineers, and Cybersecurity Analysts to address risks.

Qualifications

Education  

• Bachelor’s Degree 

Certifications (CWF Requirements): 

• Candidates must satisfy Cybersecurity Workforce Framework (CWF) ID 511 (Cyber Defense Analyst) or 531 (Cyber Defense Auditor, Intermediate Level) requirements, as outlined by Navy COOL. 

  
  This requirement can be met by possessing one or more of the following qualifying certifications: 

  • CompTIA Security+ CE 

  • Certified Information Systems Auditor (CISA) 

  • Certified Ethical Hacker (CEH) 

  • GIAC Certified Incident Handler (GCIH) 

  • Certified Information Systems Security Professional (CISSP) (or a similar advanced-level certification). 

OR This requirement can be met through: 

• A Bachelor’s Degree in Cybersecurity, Computer Science, IT, or a related field. 

Experience: 

• 9-15 years of experience performing security audits, compliance assessments, or Cyber Network Defense-related (CND) functions in an enterprise IT environment. 

Technical Skills: 

• In-depth knowledge of cybersecurity frameworks (e.g., NIST 800-53, RMF, ICD 503, DoD 8510.01). 
• Proficiency with auditing tools (e.g., Splunk, Nessus, ACAS) and experience with Windows/Linux security configurations. 
• Familiarity with database security for platforms like SQL Server and Oracle. 

Clearance Requirement: 

• Active TS/SCI clearance with the ability to obtain and maintain a TS/SCI with Poly. 

Work Environment and Notes: 

• On-site Work: All work must be conducted on-site in Springfield, VA. 
• Program Scope: Supports on-premises enterprise IT environments including virtualized Windows/Linux servers, databases, and networking layers. 
• Subcontractor Role: Salary and responsibilities vary by billet, with cap limitations based on the subcontractor agreement.