Join our Talent Network >

Cyber Security Assessment Engineer

Job ID: 200563
Location: COLORADO SPRINGS, CO, United States
Date Posted: Feb 12, 2020
Category: Cyber
Subcategory: Cyber Sec Analyst
Schedule: Full-time
Shift: Day Job
Travel: Yes, 10 % of the Time
Minimum Clearance Required: Secret
Clearance Level Must Be Able to Obtain: TS/SCI
Potential for Teleworking: No

Share: mail

Job Description

Description

SAIC is seeking a qualified CRA Engineer. Supporting the MDA Security Control Assessors (SCA) as the Independent Verification and Validation (IV&V) team by performing complete and thorough risk assessments for the MDA.  Daily responsibilities include performing risk assessments on packages submitted from the Information System Security Manager (ISSM) in Enterprise Mission Assurance Support Service (eMASS). 

These submissions include System Security Plans (SSP), Interim Authorization To Test (IATTs), Authorization to Operate (ATO), and Authorization to Connect (ATC). 

 

The CRA Engineer evaluates data from many sources to develop a holistic assessment that enables the Authorizing Official (AO) to make an informed authorization decision.  This process takes vulnerabilities associated with noncompliant RMF controls and evaluates their risk to the mission and the agency to arrive at a residual risk.  

The CRA Engineer position is responsible for executing and documenting risk assessments, including interacting directly with the SCAs and the ISSMs and their Cybersecurity support staff, and supporting the AO signing.

 

Conducts risk and vulnerability assessment at the network, system and application level. Validates security control implementation and assesses  operational risk mitigations along with assisting in security awareness programs. Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access. 


Researches, evaluates and recommends new security tools, techniques, and technologies and introduces them to the enterprise in alignment with IT security strategy.  Assists in the awareness and education of the required government policy (i.e., DoDI 8500 series and NIST 800 series), and makes recommendations on process tailoring. 

Performs analyses to validate established security requirements and to recommend additional security requirements and safeguards. Supports the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports. Periodically conducts a review of each system's audits and monitors corrective actions until all actions are closed. May support cyber metrics development, maintenance and reporting. May provide briefings to senior staff. 


Work is performed without appreciable direction. Exercises considerable latitude in determining technical objectives of assignment. Completed work is reviewed from a relatively long-term perspective for desired results. Exercises judgment in selecting methods, techniques and evaluation criteria for obtaining results.


Interacts regularly with internal personnel (government and contractor staff) on significant technical matters often requiring coordination between organizations.

 

Qualifications

  • Bachelors (or higher) preferred. 
  • Must meet DoDM  8570.01-M, IASAE Level II requirements
  • 10 years of IT experience, with at least 5 years of advanced cybersecurity experience
  • Current CASP+CE, CISSP (or Associate), or CSSLP certification(s).
  • Active Secret Clearance 

 

Desired Qualifications

 

  • Successful candidate will understand the Risk Management Framework (RMF) and the NIST 800-53 RMF Security Control Catalog.  
  • Candidate should have experience assessing compliance and performing risk assessments.  
  • Strong technical writing skills are required for producing Risk Assessment Reports and writing assessments that will be presented to the SCA and the AO for decision. 



Overview

SAIC is a premier technology integrator solving our nation's most complex modernization and readiness challenges. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes high-end solutions in engineering, IT, and mission solutions. Using our expertise in existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions. We are 23,000 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, Virginia, SAIC has pro forma annual revenues of nearly $6.5 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom. For SAIC benefits information, see Working at SAIC. EOE AA M/F/Vet/Disability

Share: mail

Similar Jobs

Principal Cyber Engineer Architect

COLORADO SPRINGS, CO, United States
Cyber

Cyber Ops Planner Sr Principal

COLORADO SPRINGS, CO, United States
Cyber

Cyber Security Assessment Engineer

COLORADO SPRINGS, CO, United States
Cyber

Cyber Operations Planner Sr Principal

COLORADO SPRINGS, CO, United States
Cyber

Information Systems Security Manager (ISSM), DoD

COLORADO SPRINGS, CO, United States
Cyber

Cybersecurity Lead

United States
Cyber

Cybersecurity Engineer Principal

United States
Cyber

Cybersecurity Engineer

United States
Cyber

GPS Senior Cybersecurity Engineer

COLORADO SPRINGS, CO, United States
Cyber

Provide your information to receive jobs that fit you by keywords, location, and more,
and then receive great opportunities based on your skills and experience.

Join our Talent Network >