Cybersecurity Specialist Sr
- Military veterans preferred
2022-05-13 SAIC (www.saic.com)
Other
/yr
full-time
employee
Colorado Springs Colorado United States
Description
SAIC is seeking a Cybersecurity Specialist Sr to support the MDA Security Control Assessors (SCA) as the Independent Verification and Validation (IV&V) team by performing complete and thorough risk assessments for the MDA.
Daily responsibilities include:
Performing risk assessments on packages submitted from the Information System Security Manager (ISSM) in Enterprise Mission Assurance Support Service (eMASS). These submissions include System Security Plans (SSP), Interim Authorization To Test (IATTs), Authorization to Operate (ATO), and Authorization to Connect (ATC).
The Risk Assessment process evaluates data from many sources to develop a holistic assessment that enables the Authorizing Official (AO) to make an authorization decision.
This process takes vulnerabilities associated with noncompliant RMF controls and evaluates their risk to the mission and the agency to arrive at a residual risk.
The CRA Engineer position is responsible for executing and documenting risk assessments, including interacting directly with the SCAs and the ISSMs and their Cybersecurity support staff, and supporting the AO signing.
Successful candidate will understand the Risk Management Framework (RMF) and the NIST 800-53 RMF Security Control Catalog.
Candidate should have experience assessing compliance and performing risk assessments.
Strong technical writing skills are required for producing Risk Assessment Reports and writing assessments that will be presented to the SCA and the AO for decision.
Desired skills include Cyber Threat Analyst background and experience in Cloud authorization strategies
Qualifications
Required Education and Experience:
10 years of IT experience, with at least 5 years of advanced cybersecurity experience
Required Clearance:
Current SECRET Clearance with ability to obtain a Top Secret
Required Qualifications:
DoD 8570.01-M IASAE Level II Certification
Candidate should possess significant knowledge of the Risk Management Framework as well as DoD and NIST guidance related to performing risk assessments
• Candidate must be able to examine results of vulnerability analysis, STIG, SRG, IAVM and cybersecurity control compliance in order to perform a detailed risk assessment
Candidate must be familiar with Assessment & Authorization (A&A) Package Approval Chain (PAC) and Control Approval Chain (CAC) processes to assist with performing risk assessments
Candidate should be capable of leading and executing advanced Cybersecurity Risk Analysis efforts
Candidate must be detail-oriented and mission-focused
Desired Qualifications:
Experience with the eMASS tool and repository is highly desired
Education: A Bachelor's Degree in a technical field is desired
Target salary range: $100,001 - $125,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.
