SAIC is seeking a Cyber Risk Management Analyst to join our MSI team supporting the Commonwealth of Virginia (COV). The Risk Analyst team will be interacting with COV technology suppliers about their compliance with COV cybersecurity policies and practices, and providing a wide range of Risk management services to them and the Commonwealth. This will require a combination of the following Knowledge, Skills, and Abilities:
Strong understanding of applying Risk Management Frameworks (preferably NIST RMF and/or ISO 27000), including:
Strong verbal, analytical, and written communication abilities:
· Verbal abilities should be confident but non-confrontational, articulate but not wordy, equally comfortable leading and following, and as eager to listen as to contribute.
· Analytical abilities should avoid black-and-white thinking, and instead embrace diversities of opinions and viewpoints for their ability to inform complex solutions to complex real-world problems.
· Written abilities should produce grammatically correct, concise, informative, and visually appealing written products.
· Adaptability to both technical and non-technical audiences and a strong customer-service focus will be critical since this is a role that will have frequent contact with our COV customer.
Required Education and Experience:
• Candidates must have a Bachelor’s degree and at least two (2) years of experience. Degrees in engineering, science, and mathematics are preferred. We will accept an additional 4 years of relevant experience in lieu of a degree.
• Must have at least one year of direct IT security experience.
• Must be able a U.S. citizen with the ability to pass a Commonwealth of Virginia background check.
• Continual Learning. Completion of advanced course work, or attainment and maintenance of cybersecurity-related credentials and certifications, is preferred.
• ITIL Certification. Candidates who have completed ITIL v3 2011 Foundation or above are preferred.
• Location. Work will be performed in Richmond, VA, with some telework allowed subject to customer needs and ability to adhere to telework policy.