Job ID: 2010217
Location: MCLEAN, VA, United States
Date Posted: Jul 1, 2020
Subcategory: Cyber Sec Analyst
Shift: Day Job
Minimum Clearance Required: Secret
Clearance Level Must Be Able to Obtain: None
Potential for Remote Work: Yes
SAIC currently has a career opportunity for an Information System Security Manager (ISSM). The Information Systems Security Manager (ISSM) will support information system life cycle activities from scoping systems for new programs and preparing Risk Management Framework packages, to reviewing regular maintenance, support and upgrades of systems during program execution, to program closeout and de-certification activities.
Maintain day-to-day security posture and continuous monitoring of Information Systems (IS) including security event log review and analysis, end user account audits, etc.
Assist the program’s DevOps team with secure code review.
Ensure system security measures comply with applicable government policies. Provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system.
Conduct internal vulnerability assessments of the IS to identify and mitigate potential security weaknesses and ensure that all security features applied to a system are implemented and functional.
Conduct and review vulnerability scans on software code and work with the software developers on mitigating any findings
Draft and/or prepare and maintain security Assessment and Authorization documentation (e.g., IA SOP, SSP, RAR, and SCTM).
Maintain thorough understanding of NIST 800-53 controls and determine which controls are applicable to the application, as well as document implementation in Security Controls Tractability Matrix (SCTM).
Maintains awareness of upcoming customer / government driven changes and challenges and suggests approaches to meet those challenges.
Responsibilities also include those listed in DAAPM 2.0 Section 3.6 Information System Security Manager (ISSM)
Monitor system administration activities.
Required Education and Experience:
Active DoD Secret clearance.
Current/active DoD 8570.1M Professional Certification is required. Security+ certification is a minimum with the ability to obtain an IAM level II.
Experience with Fortify software and application scanning tools
Working knowledge of Risk Management Framework (RMF) and creating a RMF System Security Plan in the enterprise Mission Assurance Support Service (eMASS).
Experience with various information system security assessment/hardening tools - SCAP Compliance Checker, STIG Viewer, ACAS/Nessus, etc.
Able to initiate communication with SAIC management and Government agencies for support and/or compliance requirements.
Self-starter with the ability to operate independently without supervision.
Professional and effective interpersonal skills and attire along with the ability to provide face-to-face customer support are required.
More than 5 years of related information systems security experience in a security environment with demonstrated knowledge of classified IS operation.
Desired Education and Experience:
CompTIA Advanced Security Practitioner (CASP), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP)
Advanced experience in Windows 10 and Windows Server operating systems, specifically, as it relates to implementing security controls of the Operating System
SAIC is a premier technology integrator solving our nation's most complex modernization and readiness challenges. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes high-end solutions in engineering, IT, and mission solutions. Using our expertise in existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, Virginia, SAIC has pro forma annual revenues of nearly $7.1 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom. For SAIC benefits information, see Working at SAIC. EOE AA M/F/Vet/Disability