Cyber Risk Management Analyst (Job Number:438068)
SAIC is seeking a Cyber Risk Management Analyst to join our MSI team supporting the Commonwealth of Virginia (COV).
The Cyber Risk Management Analyst team will be interacting with COV technology suppliers about their compliance with COV cybersecurity policies and practices, and providing a wide range of Risk management services to them and the Commonwealth.
The Cyber Risk Management Analyst will have:
Strong understanding of applying Risk Management Frameworks (preferably NIST RMF and/or ISO 27000), including:
- Identification of business priorities.
- Analysis of Risk to those priorities.
- Planning of security controls to best protect those priorities while meeting requisite policies and procedures.
- Assessment of compliance with controls and resulting impact on risk.
- Creating plans to remediate weaknesses.
- Quantifying and reporting on remediation progress.
- Assessment of remediation effectiveness.
- Analysis of threat landscapes
- Reprioritization of remediation activities as dictated by changing threat landscapes.
- Automation of continuous monitoring solutions.
- Incident response and incident Root Cause Analysis.
- Maintenance of a consolidated Risk Register, with escalation of known issues that surpass the risk appetite of the organization.
Abilities Strong verbal, analytical, and written communication abilities:
- Verbal abilities should be confident but non- confrontational, articulate but not wordy, equally comfortable leading and following, and as eager to listen as to contribute.
- Analytical abilities should avoid black-and-white thinking, and instead embrace diversities of opinions and viewpoints for their ability to inform complex solutions to complex real-world problems.
- Written abilities should produce grammatically correct, concise, informative, and visually appealing written products.
- Adaptability to both technical and non-technical audiences and a strong customer-service focus will be critical since this is a role that will have frequent contact with our COV customer.
- US Citizen.
- Must be able to pass a Commonwealth of Virginia background check.
- Bachelors and nine (9) years or more experience; Masters and seven (7) years or more experience ; PhD or JD and four (4) years or more experience.
Candidates should describe their depth of hands-on experience with the following cybersecurity capabilities:
- RSA Archer, CyberArk, SailPoint, SQL Server, Nessus, VMware, Splunk, Active Directory, LDAP
- PKI concepts and provisioning tools, static code analyzers, endpoint protection capabilities
- VPN capabilities, System Admin tools, virtualization failover techniques
- Cloud/FedRAMP security practices & service deployment models, SSAE16 audits, VITA SSP
- VITA VAR documentation, and other cybersecurity-related protection capabilities and tools.
- Degrees in engineering, science, and mathematics are preferred.
- Continual Learning. Completion of advanced course work, or attainment and maintenance of cybersecurity-related credentials and certifications, is preferred.
- ITIL Certification. Candidates who have completed ITIL v3 2011 Foundation or above are preferred.
SAIC Overview:SAIC is a premier technology integrator providing full life cycle services and solutions in the technical, engineering, intelligence, and enterprise information technology markets. SAIC is Redefining Ingenuity through its deep customer and domain knowledge to enable the delivery of systems engineering and integration offerings for large, complex projects. SAIC's approximately 15,000 employees are driven by integrity and mission focus to serve customers in the U.S. federal government. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $4.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see My SAIC Benefits. EOE AA M/F/Vet/Disability
Job Posting: Sep 19, 2018, 8:30:48 AM
Primary Location: United States-VA-RICHMOND
Clearance Level Must Currently Possess: None
Clearance Level Must Be Able to Obtain: None
Potential for Teleworking: No
Travel: Yes, 10% of the time
Shift: Day Job