The Patch Management Analyst is responsible for monitoring Information Assurance Vulnerability Alert releases (IAVAs) from USCYBER COMMAND. Coordinates and monitors the progress of patches and updates throughout the program enterprise. Provide guidance when it comes to analyzing and evaluating the patching status of networks and security vulnerabilities on a daily basis.
Roles and Responsibilities:
- Assist with ensuring that security policies, standards and procedures are followed.
- Brief government leadership daily on patching status and monthly to show continued/historical progress.
- Assign remediation tasks to applicable branches and track progress through completion.
- Create and track Plans of Action and Milestones (POA&M) and other documentation for approval by the Authorizing Official (AO) as needed.
- Work cross-divisionally with Engineering and Cyber Security regarding testing, validation and documentation of patches and software updates.
- Participate in Command Cyber Readiness Inspection (CCRI) preparation.
- Monitor the implementation/remediation of IAVAs and security patches.
- Provide guidance throughout the organization regarding the patch management process (IAVM/Remediation)
- Review and analyze patching data (primary tools include ACAS and Nessus), determine action items and remediation efforts.
- Coordinate with change management and problem management to evaluate and facilitate changes and or problem execution related to information systems vulnerabilities.
- Recommend and assist with implementation of remediation/mitigation action plans ensuring no/to limited impact to operations.
- Tracking of other Compliance items as required.
- Bachelors degree & 2+ years of experience
- SECRET clearance (DoD)
- Security + certification (8570 Requirement)
- Active passport and the ability to travel overseas on short notice
- Experience with various Microsoft technologies
- Microsoft Office 2010;2013;2016
- Microsoft System Center Configuration Management (SCCM);
- Windows Server and Client OS;
- Microsoft Domain Services (Active Directory, Group Policy, etc.);
- Microsoft SharePoint;
- Experience with Tennable Nessus Vulnerability Scanner (Assured Compliance Assessment Solution)
- Strong interpersonal and communication skills
- Strong problem solving and trend analysis skills
- Strong analytic and decision making abilities
- Proficiency in Microsoft Office products (Project, SharePoint, Word, Excel).
- TS/SCI clearance (DoD)
- 3 years direct server admin experience
- Experience with CCRIs, STIGs, IAVMs, System Accreditation (Security Authorization/DIACAP)
- Microsoft Server certifications (e.g., MTS, MCSE, MCSA, etc.)
- ITIL Foundation certification
- Associate's degree and 3 yrs of related experience. Equivalent work experience will be considered in lieu of a degree.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.
SAIC® is a premier Fortune 500® technology integrator driving our nation's technology transformation. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes secure high-end solutions in engineering, digital, artificial intelligence, and mission solutions. Using our expertise and understanding of existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions that are critical to achieving our customers' missions.
We are approximately 26,000 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer, fostering a culture of diversity, equity, and inclusion, which is core to our values and important to attract and retain exceptional talent. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.4 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom.