FedRAMP / Cyber Compliance Analyst

Job Description

Description

SAIC is seeking a remote FedRAMP / Cyber Compliance Analyst. This is in support of the Department of Health and Human Services (HHS) cybersecurity mission to ensure HHS can actively protect the vital health information with which it is entrusted, respond to existing and emerging cybersecurity threats, and continue to enhance the program to ensure HHS has the capability and capacity to respond to new and emerging requirements, technologies and threats.

Responsibilities:

• Lead Cloud Service Providers (CSP) through the FedRAMP ATO process.
• Assist the HHS FedRAMP team identifying vulnerabilities and risks to CSP accreditation.
• Review CSP FedRAMP packages (System Security Plan, Authorization Boundary, Data Flow and other diagrams) ahead of full assessments.
• Assure CSP FedRAMP Boundary components in customer deployments are accurately described and implanted based on the appropriate FedRAMP security controls.
• Coordinate with internal stakeholder engineering teams to demonstrate the implementation of security compliance control implementations for technical, management, and operational requirements.
• Provide oversight on the independent initial and annual security audit of the security controls to ensure compliance with cloud requirements and governance models.
• Support the development of technical material, operational processes, security policies, and other core documents for the HHS FedRAMP team.
• Meet task deliverable metrics.
• Manage the Continuous Monitoring of the CSPs through Plans of Action and Milestones (POA&Ms) and monthly ConMon meetings.
• Reviewing IT security measures and safeguarding the information resources of the enterprise to maintain integrity, confidentiality, and availability of data/application.
• Leverage internal security operations procedures for efficient operation and protection of cloud application while maintaining security integrity.
• Assisting the Team Lead and FedRAMP SME with overall operations for executing projects involving scoping, initiating, high level design & architecture, resource mobilization and execution within cost & time parameters.

Qualifications

Required Qualifications:

• Experience and familiarity with cloud data security (FISMA/FedRAMP compliance).
• Bachelor’s Degree in a relevant field or 4 years of additional experience in lieu of a degree and 2+ years of experience. 
• Direct FedRAMP experience.
• Strong understanding of Cloud computing models, architecture, design, and security evaluation.
• Extensive experience with vulnerability management and Plans of Action and Milestones (POA&Ms), with Privacy Impact Assessments, and security categorizations.
• Writing technical documentation and knowledge of Cloud and Security concepts.
• Technical experience related to FIPS 199, NIST SP 800-37, NIST SP 800-53 REV 4, FISMA/NIST A&A.
• Understanding of the role of Third-party Assessment Organizations (3PAO).
• Experience with and knowledge of: National Institute of Standards and Technology (NIST) standards Strong governance, risk and compliance experience, Cloud Computing Security Requirements Guide (SRG).
• Experience with public cloud solutions (AWS, Google, and Azure).
• Proven ability to work with clients, business partners and suppliers.
• 2+ years direct FedRAMP experience preferred.

 Certification: IAT Level I Certification(s) or above desired.

 Clearance: Must be a U.S. Citizen with the ability to obtain and maintain a Public Trust clearance.

Overview

SAIC accepts applications on an ongoing basis and there is no deadline.

SAIC® is a premier Fortune 500® mission integrator focused on advancing the power of technology and innovation to serve and protect our world. Our robust portfolio of offerings across the defense, space, civilian and intelligence markets includes secure high-end solutions in mission IT, enterprise IT, engineering services and professional services. We integrate emerging technology, rapidly and securely, into mission critical operations that modernize and enable critical national imperatives.

We are approximately 24,000 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.5 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom.