RMF Analyst
- SAIC (Colorado Springs, CO)
Description
SAIC is seeking qualified applicants for an RMF Engineer/ISSM (Information Systems Security Manager) position to provide Risk Management Framework (RMF) support for the North American Aerospace Defense Command/United States Northern Command (N&NC) Information Technology (IT) Enterprise Services (NITES) contract, with primary work onsite in Colorado Springs.
The candidate selected for this position:
+ Oversees system registration and record within eMASS to support the Risk Management Framework (RMF) process and authorization for N&NC Enterprise to ensure compliance and mitigate risk
+ Assure consistency in meeting and exceeding standards to minimize risks and maintain Cyber Operational Readiness Assessment (CORA) ready status
+ Manage continuous Cyber Security posture of enterprise systems and identify mitigations to meet DoDD 8500.01, DoDI 8510.01, DoDD 8140.01, and NIST SP 800-53
+ Understands scans from ACAS, SCAP, and/or other approved tools to determine security posture of systems to develop/maintain Authority to Operate (ATO) for systems and enclaves
+ Refine the determination of the system categorization in accordance with CNSSI 1253 in the areas of Confidentiality, Integrity, and Availability as information types and system interconnections change
+ Manage development/maintenance of Security Plans, ensuring proper Security Technical Implementation Guides (STIGs) are applied for each system and enclave
+ Ensure that all findings are properly documented in the Plan of Action and Milestones (POA&M) on an on-going basis
+ Create and refine correct policies, procedures, and artifacts necessary to ensure controls are met
Qualifications
Required:
+ BS with 5 years of experience or equivalent work experience in the Information Assurance / Cybersecurity field. Additional years of experience can be considered in lieu of a degree
+ TS/SCI security clearance
+ Certification required per DoDD 8140.03, current CISSP, CISM, GSLC, or equivalent Advanced level ISSM certification
+ 2+ years of experience as a primary ISSO or security compliance lead for an IT system
+ Direct experience in RMF artifacts and eMASS tracking of records
+ Experience creating, tracking, and completing Plans of Action and Milestones (POA&Ms) for resolving security control deficiencies
+ Guide working groups and teams for Milestone Reviews, Configuration Management, etc.
+ Prepare/conduct cybersecurity presentations and make cybersecurity risk recommendations
+ Provide status updates to System Owners and leadership
+ Provide monthly status report to reflect the activities accomplished, issues, and path forward
Desired:
+ Security Information and Event Management (SIEM) Experience
+ Ability to work in a team focused, dynamic environment
+ Cross Domain Solutions Certification Experience
+ Must be flexible, independent, and self-motivated
+ Must be punctual with regular and consistent attendance
Target salary range: $80,001 - $120,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
REQNUMBER: 2509484
SAIC is a premier technology integrator, solving our nation's most complex modernization and systems engineering challenges across the defense, space, federal civilian, and intelligence markets. Our robust portfolio of offerings includes high-end solutions in systems engineering and integration; enterprise IT, including cloud services; cyber; software; advanced analytics and simulation; and training. We are a team of 23,000 strong driven by mission, united purpose, and inspired by opportunity. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $6.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see Working at SAIC. EOE AA M/F/Vet/Disability