Cybersecurity Risk Assessment Analyst

at  SAIC

Job ID: 2408320-FLEXWORK-TX
Location: REMOTE WORK, TX, US
Date Posted: 2024-06-24
Category: Cyber
Subcategory: Cyber GRC
Schedule: Full-time
Shift: Day Job
Travel: No
Minimum Clearance Required: None
Clearance Level Must Be Able to Obtain: Public Trust
Potential for Remote Work: No
Description
SAIC is seeking a remote Cybersecurity Risk Assessment Analyst in support of Health and Human Services (HHS).
This is to support the Department of Health and Human Services (HHS) cybersecurity mission to ensure HHS can actively protect the vital health information with which it is entrusted, respond to existing and emerging cybersecurity threats, and continue to enhance the program to ensure HHS has the capability and capacity to respond to new and emerging requirements, technologies and threats.
The Cybersecurity Risk Assessment Analyst will work with the HHS Office of Information Services (OIS) Cybersecurity Risk Management Branch to assist the Cybersecurity Risk Assessment Lead and Cybersecurity Risk Management Project Manager in the development, coordination, and execution of Risk Assessments through HHS OpDivs/StaffDivs. Must be able to provide support in a fast-paced and dynamic customer environment with broad impact to the customer’s mission. The role requires a self-starter and strong problem solver, who can identify/anticipate requirements and provide creative solutions to the team.

REQUIRED QUALIFICATIONS:

• Bachelors degree and five (5) years or more of related experience; Masters and three year of related experience. May accept an additional 4 years of experience in lieu of a degree.
• 5-7+ years of project management experience as a government contractor.
• Must be a U.S. Citizen with the ability to obtain and maintain a Public Trust with HHS
• Proficient with Microsoft Poducts (Excel, Word, Project).
• Strong presentation skills and ability to adapt to various customers to include government and/or contractors
• Possess an inclination for critical thinking and analytical approaches to solving problems dealing with issues that are not readily defined and/or conflict with available information with the ability to reach sound decisions quickly employing systematic, multi-step approach
• Ability to resolve complex issues
• Ability to work independently
• Demonstrated knowledge of cybersecurity concepts and principles.
• Superior writing and communication skills.

• Monitor, track, report assessment results for risk owners; and escalate risks to Senior Leadership
• Perform technical system/infrastructure risk assessments/reassessment tasks
• Develop mitigation and corrective action plans with application/system owners
• Define expectations for assessments/reassessments
• Communicate and collaborate with internal teams, stakeholders, and leadership
• Assist in the continuous improvement and maturity of the organizations overall cyber risk management framework, program, processes, and tools
• Develop and provide training/guidance to stakeholders across the organization to promote a strong risk-aware culture
• Assist with maintenance of the a used by the team
• Assist with tracking and remediation of vulnerabilities
• Recommend appropriate policy, standards, process, and procedural updates as part of comprehensive remediation solutions
• Develop and provide key risk metrics for the cybersecurity risk management program
• Develop and maintain documentation in support of audit reviews
• Develop and maintain documentation in support of the cybersecurity risk management program
  Qualifications