Full Time Employee
Aber Prov Grd
Cyber Security Analyst (Job Number:416704)
SAIC is building a team to provide Enterprise Information Technology (IT) Solutions Sustainment support and the associated management and administration for the delivery of a combination of hardware infrastructure and application infrastructure necessary to achieve a complete, centralized, and elastic environment for Building, Hosting, Integrating, and Managing Web enabled business applications and/or application services. This is accomplished by using innovative software and hardware tools utilized to enhance information technologies. By integrating different technologies to include both the re-write of legacy systems and the addition of features to existing systems to maximize cost savings, resource utilization and provide a solution to unique Army business application's hosting and management challenges.
The Cyber Security team will review and perform testing on client’s information systems to determine compliance with requirements, as well as identify and qualify risk associated with the implementation of the client’s information system, resulting in a complete risk assessment document in the form of a Security Assessment Report (SAR).
- - Serve as an individual on the Cyber Security Team.
- - Develop Cyber Security documentation validating software quality, security, reliability and maintainability attributes. Identify gaps in Cyber Security/CND posture and assess risks.
- - Participate in development and review of DIACAP/RMF documentation, Networthiness Documentation, and ensure STIG compliance and validation.
- - Provide quality assurance specialist support including formulating, coordinating, directing, and executing all quality assurance policies, tools, and training programs; conducting internal controls reviews to ensure product assurance competency and the effectiveness of surveillance activities.
- - Develop strategies, goals, tasks, roles, responsibilities, and information needs for Cyber Security surveillance and oversight.
- - Review information systems for compliance with applicable DoDI 8500.01 and DoDI 8510.01
- - Provide IS security advice and guidance in accordance with applicable regulations, and directives and guidance to Government and DoD partners for the protection of data at all classification levels including SCI.
- - Evaluate and recommend approval, disapproval, or waiver(s) for IS processing national security data.
- - Provide input or consideration in the promulgation of future security policy.
- - Support and/or conduct site visits and assessments to inspect and verify IS reports and plans at various locations, and provide a written report for review and approval.
- - Prepare reports and memoranda, to include, but not limited to: Memoranda for the Record (MFR), Memoranda of Agreement (MOA), Authorization To Proceed, and status and technical briefs for review and approval by government Cyber Security.
- - Update data on Government-provided databases with current information about IS status.
- - Prepare, review, and record notification and status messages to indicate A&A state of systems to system owner or programs.
- - Ensure IS security requirements, including applicable RMF directives and guidance, are addressed and applied; appropriate documentation prepared by the system owners or programs inclusive of the Security Assessment Package, Concept of Operations (CONOPS) Plan, System Security Plans, System Requirements Traceability Matrix, Risk Management Matrix, Test Results, interface control documents, requests for changes, test plans, and other related program security documentation.
- - Track completion of the Security Assessment Package and report status.
- - Provide preparation of the Security Assessment Report (SAR). The SAR contents include, but not limited to, the Summary of Assessment results and Authorization Recommendation.
- Bachelor's degree preferably in a Technical Computer Field (Computer Science, Management Information Systems, Information Technology, Networking). 8 years applicable experience may be considered in lieu of degree.
- - Experience with XACTA, DIACAP, Risk Management Framework (RMF), NIST, eMASS, SCAP Scanning, IAVA’s methodologies, STIG’s and ACAS.
· · - Minimum 5 years data/network/information system assurance and system design, information security assessments, C&A, Plan of Action Milestones (PoAM) remediation, Information Assurance Vulnerability Alerts.
- - Experience performing Information Assurance functions in a Capability Maturity Model Integration (CMMI) Maturity Level 3 (or better).
- - Required Certifications: Currently possess DoD 8570 certification, Security +.
- - In depth knowledge of Information Assurance auditing, continuous monitoring, and analysis.
- - Possesses strong analytical skills and good interpersonal and communications skills in dealing with multiple contractor and government organizations.
- - Must currently possess TS/SCI.
- - NSA Information Assurance Guidelines
- - Certifications: CompTIA Security +, CISSP, CEH, GSEC, GCIH, CISA, GCED, SSCP, and/or CISA
- - Familiar with multiple operating systems including Linux and Windows
- - Virtualization experience with technologies such as KVM and VMWare VSphere
SAIC Overview:SAIC is a leading provider of technical, engineering and enterprise information technology services to the U.S. government. Our 13,000 employees deliver systems engineering and information technology offerings for large, complex government programs, as well as a broad range of higher-end, differentiated technology services. The company is headquartered in McLean, Va. For more information, visit www.saic.com.
EOE AA M/F/Vet/Disability
Job Posting: Mar 4, 2016, 9:28:00 AM
Primary Location: United States-MD-ABER PROV GRD
Clearance Level Must Currently Possess: Top Secret/SCI
Clearance Level Must Be Able to Obtain: Top Secret/SCI
Potential for Teleworking: No
Travel: Yes, 10% of the time
Shift: Day Job
To apply for this job, contact: