"Alerted.org

Description

SAIC is seeking qualified applicants for the role of Risk Management Framework (RMF) Analyst. This position provides information assurance and cybersecurity support for the North American Aerospace Defense Command (NORAD) and United States Northern Command (USNORTHCOM) (N&NC) Information Technology (IT) Enterprise Services (NITES) contract. The primary work location for this role is onsite in Colorado Springs.

The candidate selected for this position will:

+ Oversee system registration and record-keeping within eMASS to support the RMF process and authorization for the N&NC Enterprise, ensuring compliance and risk mitigation.

+ Ensure standards are met and exceeded to minimize risks and maintain Cyber Operational Readiness Assessment (CORA) status.

+ Manage the continuous cybersecurity posture of enterprise systems and identify mitigations to comply with DoDD 8500.01, DoDI 8510.01, DoDD 8140.01, and NIST SP800-53.

+ Analyze scans from ACAS, SCAP, and other approved tools to determine the security posture of systems and develop/maintain Authority to Operate (ATO) for systems and enclaves.

+ Refine system categorization determinations according to CNSSI 1253, considering Confidentiality, Integrity, and Availability as information types and system interconnections evolve.

+ Oversee the development and maintenance of System Security Plans (SSPs), ensuring the appropriate Security Technical Implementation Guides (STIGs) are applied to each system and enclave.

+ Ensure that all findings are properly documented in the Plan of Action and Milestones (POA&M) on an on-going basis.

+ Create and refine correct policies, procedures, and artifacts necessary to ensure security controls are being met.

Qualifications

Required:

+ Certification required per DoDD 8570, Security+.

+ Preferred certification is SecurityX.

+ Bachelor’s degree plus 5 years of experience, or equivalent work experience in the Information Assurance/Cybersecurity field.

+ 2+ years of experience preferred as a primary ISSO or security compliance lead for an IT system.

+ Direct experience in RMF artifacts and eMASS tracking of records.

+ Experience creating, tracking, and completion of POA&Ms for resolving security control deficiencies.

+ TS/SCI security clearance.

+ Ability to guide working groups and teams for milestone reviews, configuration management changes, etc.

+ Prepare and conduct cybersecurity presentations, making cybersecurity risk recommendations.

+ Provide status updates to System Owners and leadership.

+ Provide monthly status report to reflect the activities accomplished, issues, and pathway forward.

Desired:

+ Experience with Security Information and Event Management (SIEM) solutions.

+ Ability to work in a team-focused, dynamic environment.

+ Experience certifying Cross Domain Solutions.

+ Must be flexible, independent, and self-motivated.

+ Must be punctual with regular and consistent attendance.

Target salary range: $80,001 - $120,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.

REQNUMBER: 2511840

SAIC is a premier technology integrator, solving our nation's most complex modernization and systems engineering challenges across the defense, space, federal civilian, and intelligence markets. Our robust portfolio of offerings includes high-end solutions in systems engineering and integration; enterprise IT, including cloud services; cyber; software; advanced analytics and simulation; and training. We are a team of 23,000 strong driven by mission, united purpose, and inspired by opportunity. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $6.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see Working at SAIC. EOE AA M/F/Vet/Disability