Cybersecurity RMF Analyst at SAIC

Colorado Springs, Colorado, United States -

Full Time

Start Date

Immediate

Expiry Date

25 May, 26

Salary

0.0

Posted On

24 Feb, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

RMF, eMASS, CORA, DoDD 8500.01, DoDI 8510.01, DoDD 8140.01, NIST SP800-53, ACAS, SCAP, ATO, CNSSI 1253, System Security Plans, STIGs, POA&M, Security+, TS/SCI Clearance

Industry

Defense and Space Manufacturing

Description

SAIC is seeking qualified applicants for RMF Analyst to provide Risk Management Framework (RMF) in support of the North American Aerospace Defense Command/United States Northern Command (N&NC) Information Technology (IT) Enterprise Services (NITES) contract, with primary work onsite in Colorado Springs. The candidate selected for this position will be responsible for the following: Supporting the Risk Management Framework (RMF) process for the N&NC Enterprise by maintaining system registration and records within eMASS. Ensuring cybersecurity standards are consistently met to maintain a Cyber Operational Readiness Assessment (CORA) ready status. Managing continuous Cyber Security posture of enterprise systems and identify mitigations to meet DoDD 8500.01, DoDI 8510.01, DoDD 8140.01, and NIST SP800-53. Analyzing scans from ACAS, SCAP, and other approved tools to determine security posture of systems to develop/maintain Authority to Operate (ATO) for systems and enclaves. Determining system categorization in accordance with CNSSI 1253 in areas of confidentiality, integrity, and availability as information types and system interconnections change. Managing the development and maintenance of system security plans, ensuring proper Security Technical Implementation Guides (STIGs) are applied for each system and enclave. Ensuring all findings are properly documented in the Plan of Action and Milestones (POA&M) on an on-going basis. SAIC is seeking qualified applicants for RMF Analyst to provide Risk Management Framework (RMF) in support of the North American Aerospace Defense Command/United States Northern Command (N&NC) Information Technology (IT) Enterprise Services (NITES) contract, with primary work onsite in Colorado Springs. SAIC is seeking qualified applicants for RMF Analyst to provide Risk Management Framework (RMF) in support of the North American Aerospace Defense Command/United States Northern Command (N&NC) Information Technology (IT) Enterprise Services (NITES) contract, with primary work onsite in Colorado Springs. The candidate selected for this position will be responsible for the following: Supporting the Risk Management Framework (RMF) process for the N&NC Enterprise by maintaining system registration and records within eMASS. Ensuring cybersecurity standards are consistently met to maintain a Cyber Operational Readiness Assessment (CORA) ready status. Managing continuous Cyber Security posture of enterprise systems and identify mitigations to meet DoDD 8500.01, DoDI 8510.01, DoDD 8140.01, and NIST SP800-53. Analyzing scans from ACAS, SCAP, and other approved tools to determine security posture of systems to develop/maintain Authority to Operate (ATO) for systems and enclaves. Determining system categorization in accordance with CNSSI 1253 in areas of confidentiality, integrity, and availability as information types and system interconnections change. Managing the development and maintenance of system security plans, ensuring proper Security Technical Implementation Guides (STIGs) are applied for each system and enclave. Ensuring all findings are properly documented in the Plan of Action and Milestones (POA&M) on an on-going basis. Creating and refining correct policies, procedures, and artifacts necessary to ensure controls are met. Required: Certification required per DoDD 8140.03, Intermediate Level (Security+ or equivalent) BS or equivalent work experience in the Information Assurance / Cybersecurity field 5+ years of overall IT security experience 2+ years of experience as an ISSO for DoD systems Direct experience in RMF artifacts and eMASS tracking of records Experience creating, tracking, and completion of Plans of Action and Milestones (POA&Ms) for resolving security control deficiencies TS/SCI security clearance Provide status updates to System Owners and leadership Desired: Ability to work in a team focused, dynamic environment Experience using STIG Viewer Familiar with Assess Only Records IAW 8510.01 Exposure/Prior Experience participating in Change Advisory Boards

Responsibilities

The analyst will support the Risk Management Framework (RMF) process for the N&NC Enterprise by maintaining system registration in eMASS and ensuring cybersecurity standards are met for Cyber Operational Readiness Assessment (CORA) readiness. Responsibilities include analyzing security scans, managing system security plans, and documenting findings in the Plan of Action and Milestones (POA&M).