RMF Cybersecurity Analyst Senior

at  SAIC

Job ID: 2414514
Location: REMOTE WORK, VA, US
Date Posted: 2024-11-14
Category: Cyber
Subcategory: Cyber Engineer
Schedule: Full-time
Shift: Day Job
Travel: Yes, 10 % of the Time
Minimum Clearance Required: Secret
Clearance Level Must Be Able to Obtain: TS/SCI
Potential for Remote Work: No
Description

INTRODUCTION

Make a difference for national security by joining a team of dedicated IT professionals who will sustain, modernize and transform the enterprise IT capabilities for the Defense Counterintelligence and Security Agency (DCSA). The Air Force and Combatant Commands Business Group of SAIC is seeking a Cybersecurity Analyst Senior to support a transformational infrastructure program for DCSA.
SAIC is proud to be supporting DCSA in safeguarding our nation’s information. DCSA is the designated oversight authority on the accreditation of classified facilities, information systems, and the insider threat program. This involves security oversight of more than 10,000 companies and approximately 13,000 facilities involved in classified work throughout the DoD and 31 Federal agencies.
Specifically, on the DCSA One IT program, SAIC will provide an enterprise IT solution that delivers highly secured and adaptable IT infrastructure, provides customer support, and cutting-edge technologies that support operations and advance the DCSA mission under a single IT environment (i.e., One IT).

JOB DESCRIPTION

The Cybersecurity Analyst Senior will provide support for the National Industrial Security System (NISS) by implementing and enforcing policy & procedures at all levels: DoD (Tier I), DCSA (Tier II) & NISS (Tier III). The best candidate for this role will be familiar with all three and how they influence & overlap with each other. They will maintain operational security posture for NISS to ensure cybersecurity standards and procedures are established and followed; perform day-to-day security operations of NISS; provide data and documentation for IT security control validations; provide configuration management (CM) for NISS security software, hardware, and firmware; evaluate changes to the system and assess the security impact of those changes; prepare and review documentation to include all Risk Management Framework (RMF) documentation in compliance with Committee on National Security Systems (CNSS) Instruction No. 1253.

REQUIRED QUALIFICATIONS

It is required that the Cybersecurity Analyst Senior have the following qualifications:

• Bachelors Degree with 5 years experience in Information Technology or additional experience in Information Systems Management, Cyber Security, or some other related field, or additional years of experience in lieu of a degree.
• At least 5 years of hands-on technical Cyber Security Experience and knowledge with DISA Security Technical Information Guides, DoD A&A Process, NIST SP 800-53, CNSSI 1253 rev 4 (and now rev 5), IA Technical Framework, and applicable DoD Cyber Security / Risk Management policies (must have DoD or eMASS experience).
• Secret clearance with ability to obtain a TS/SCI
• Specific experience with supporting a system in accordance with CNSSI 1253.
• At least one (1) year of the knowledge of current security tools, hardware/software security implementation, communication protocols, and Microsoft Office suite.
• IAT Level II certification is required.

DESIRED QUALIFICATIONS

• Top Secret or TS/SCI
  Target salary range: $120,001 - $160,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
  SAIC accepts applications on an ongoing basis and there is no deadline.
  Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site

• Interface with NISS Project/Program Managers and Information System Security Manager on NISS with issues and updates.
• Track and report on Plan of Action and Milestone (POA&M) items, RMF Status, A&A ATOs, and Continuous Monitoring actions.
• Prepare briefs and A&A documents for approval.
• Work with technical SMEs to determine acceptable risk mitigation strategies.
• Perform quality checks on POA&Ms, assessments, and documentation.
• Conduct informal risk assessments to comply with DoD and DCSA policies and procedures.
• Review existing documentation for accuracy and relevance to current DoD and DCSA mandates.
• Assist with research on cybersecurity items of interest.
• Perform other duties as related to risk management, communication, and assessments.
  Qualifications