SAIC is seeking a Sr. Cyber Policy and Strategy Planner that applies technical and organizational to define an entity’s strategic direction, determine resource allocations, establish priorities, and identify programs or infrastructure required to achieve desired goals. Develops policy or advocates for policy change that will support new initiatives or required changes and enhancements. This position is responsible for:
- Providing leadership, management, direction, or development and advocacy so the organization may effectively conduct cybersecurity work
- Providing cybersecurity advice, guidance, and assistance to the Authorizing Officials (AO) and staff, assigned Program Managers, Systems Managers, Security Control Assessors (SCAs) and Information System Security Managers (ISSMs)
- Providing cybersecurity analysis supporting authorization decisions, risk analyses, mitigation strategies, and Federal and DoD cybersecurity compliance to ensure the confidentiality, integrity, and availability of NC3 Systems
- Work within the AO staff to provide solutions to cybersecurity process and technical challenges within the program in order to efficiently lead the approvals process, oversee cybersecurity compliance efforts, analyze and minimize operational risk to the systems
The ideal candidate will possess a thorough understanding in a wide range of security tools, techniques and procedures, including the following efforts:
- Identifies cybersecurity vulnerabilities in DOD’s NC3 systems and networking assets; determines mission risk and consults with and develops technical recommendations for CC/S/A owners on measures for mitigating cybersecurity risks ensuring delivery of a viable and robust NC3 cybersecurity posture.
- Reviews and evaluates NC3 security reports for cybersecurity issues; develops new methods and techniques to ensure actions are taken to correct and/or mitigate issues on DoD NC3 systems.
- Provides NC3 systems cybersecurity briefings, analysis, and recommendations for implementation to senior leaders as required.
- Analyze NC3 system cybersecurity assessments and findings, de-conflict, and normalize recommendations to senior leaders based upon assessment activities and results sought from varied venues. Provide summary of assessments within 2 days, highlighting newly identified vulnerabilities.
- Drafts, coordinates, and presents mission risk to NC3 missions IAW DoDI 8510.01. Assessments and products will be completed IAW SI 311-02 and will normally be technically accurate and include the most current information available.
- Researches, interprets, and analyzes broad guidance from Chairman Joint Chiefs of Staff (CJCS), Department of Defense (DOD), and other national regulations, policies, and guidelines
- Integrate changing DOD cybersecurity policies and USSTRATCOM NC3 initiatives through updates to Strategic Instructions, input on routine document reviews, and maintaining published guidance to the NC3 community.
- Conduct formal coordination via JSAP (and other methods) for event driven NC3 cybersecurity community tasking’s and follow SI 901-02 for coordination and memorandums requiring flag-level signature.
- Maintain USSTRATCOM policies, procedures, methodologies, and the analytical framework to support accomplishment of cybersecurity information system and mission risk assessments for NC3 systems/missions.
- Researches, analyzes and understands the interrelationships between systems within a functional mission area.
- Develops/updates/maintains the analytical framework and methodologies based on higher level guidance to assess mission risk within a functional mission area based on system level impacts.
- Establishes, develops, and maintains effective working relationships and partnerships with Combatant Commands, Services, and Agencies to promote NC3 cybersecurity efforts and USSTRATCOM's NC3 cybersecurity vision.
- Participates in special projects and initiatives and performs special assignments. Identifies the need for special projects and identifies milestones and goals.
- Develops agendas, decision topics, obtains briefings and information papers for meetings.
- Ensures accurate documentation of meeting action items and minutes for Senior Staff review.
- *Strong professional writing with the ability to learn different types of standardized formatting
- Research current and new policy, guidance, statues, and governance and best practices to design, implement, and mature the Cybersecurity Supply Chain Risk Management (C-SCRM program)
- Consult, guide, and inform, PMs, ISSMs and procurement officers of C-SCRM lifecycle and policy
- Interact with external DoD organizations to provide guidance on C-SCRM tailor fit for cross collaboration and interactions across networks
- Understand and provide guidance on the DIA C-SCRM Clause and procedural guidance
- Ability to provide impact analysis of C-SCRM threats on Critical components and covered systems
- Provide guidance on C-SCRM Risk Management Framework (RMF) controls
- Capability to validate C-SCRM RMF control implementations and provide guidance on process improvements
TYPICAL EDUCATION AND EXPERIENCE: Bachelors and nine (9) years or more experience; Masters and seven (7) years or more experience ; PhD or JD and four (4) years or more experience or 13 years of experience in lieu of degree
Clearance required to start: Top Secret/SCI or DoE Q Must be a US citizen required certification compliance:
Three-year’ experience working with the DOD cybersecurity major driving policies- DoD 8510.01 (RMF), DoDI 8500 series (Cybersecurity), and CNSSI 1253
Experience in RMF process across the Navy, Air Force, Space Force, and Intelligence cybersecurity communities
Three-year’ experience as Cybersecurity Analyst on DOD projects and/or systems of similar scope.
DoD-M 8570.1-M certified at all times, with new hires taking no more than 6 months to obtain the relevant certification
Must be US Citizen and have active TS/SCI Clearance
- One year of experience working with SharePoint and website management, Microsoft Excel experience
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.
SAIC® is a premier Fortune 500® technology integrator driving our nation's technology transformation. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes secure high-end solutions in engineering, digital, artificial intelligence, and mission solutions. Using our expertise and understanding of existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions that are critical to achieving our customers' missions.
We are approximately 26,000 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer, fostering a culture of diversity, equity, and inclusion, which is core to our values and important to attract and retain exceptional talent. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.4 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom.