Join our Talent Network >

IA System Security Engineer

Job ID: 2016857
Location: O'FALLON, IL, United States
Date Posted: Dec 1, 2020
Category: Cyber
Subcategory: Cyber Sec Analyst
Schedule: Full-time
Shift: Day Job
Travel: Yes, 10 % of the Time
Minimum Clearance Required: Secret
Clearance Level Must Be Able to Obtain: Secret
Potential for Remote Work: No

Share: mail

Job Description

Description

SAIC is seeking qualified candidates to support the US Air Force Agency for Modeling and Simulation (AFAMS) program.

AFAMS is the premier agency responsible for implementation, integration, and development of Modeling and Simulation (M&S) and training and analysis standards that support the US Air Force (USAF), Department of Defense (DoD), and mission partners requiring these capabilities to support the Warfighter in full-spectrum operations. As the lead agent for M&S within the USAF, AFAMS gathers requirements, seeks out potential solutions, and integrates legacy and emerging M&S solutions across the USAF and the DoD. The USAF has an M&S initiative that focuses on providing simulation and synthetic training as the critical capability to augment live training, act as an enabler for critical decision-making, and enhance human performance. In the current resource constrained environment, demand for M&S rises with the continuously evolving need for operational readiness and mission preparedness across the USAF, DoD, and with coalition partners. AFAMS focuses on providing innovative M&S services as the key to meeting this demand.

The role of this position is to support the Air Force Life Cycle Management Center Simulators Division in O’Fallon, IL. The IA System Security Engineer will:

  • Support Information Owners achieving consistent application and implementation of network and system security policies, countermeasures, and procedures under development and fielded at user sites. Standardize non-technical assessment policies and procedures.
  • Provide technical expertise and cybersecurity services to augment and support the Security Control Assessor Representative (SCAR) and Associate Security Control Assessor Representative (ASCAR) functions throughout all security development lifecycles performed within a simulator program’s SDLC.
  • Develop and implement Common Control Provider (CCP) security controls and an eMASS program of record.
  • Standardize non-technical assessment policies and procedures.
  • Develop and distribute Best Practices and Lessons-Learned to the entire simulator fleet.
  • Provide cybersecurity expertise and services to support a programs’ ISSMs, ISSOs, and ISSEs.
  • Verify ISSOs are appointed in writing and verify they follow cybersecurity policies and procedures.
  • Develop and maintain organizational and program cybersecurity architecture, requirements, objectives and policies, and cybersecurity processes and procedures. Manage and update RMF cybersecurity information to include verifying artifacts are entered in eMASS.
  • Increase the security posture of programs by ensuring security controls are implemented and working per the ATO. Recommend risk mitigation procedures and countermeasures when a cybersecurity incident or vulnerability is discovered. Ensure a process is in place for users to report all cybersecurity threats, vulnerabilities, and incidents, whether actual or suspected, are reported to authorities (e.g., ISSO, ISSM, PM).
  • Assess the accuracy and completeness of RMF authorization packages IAW the Package Approval Chain (PAC) in eMASS. Reduce the Control Approval Chain (CAC) security control rejection and rework.
  • Provide a centralized management approach to create, update, track, and monitor POA&Ms from beginning through final resolution of security findings.
  • At customer direction, visit simulator program sites to provide cybersecurity support and services to site personnel to promote and improve simulator security postures and compliance with cybersecurity policies.
  • Assess current operations; document simulator security postures to ensure a robust cyber-security Program that complies with FIPS 199 and 200, DoDI 8500.01, DoDI 8510.01, DoDI 5200.39, and AFI 17-101.
  • Conduct analysis of findings on unclassified and classified networks and systems.

Qualifications

The following skills are required:

  • DoD 8570.1 IAM-Level III certification (e.g., CISM, CISSP (or Associate), GSLC, CCISO)
  • 5 years of senior engineering experience at the enterprise level in system design and architecture development with modern computer platforms (e.g., OS, cloud computing, datacenter operations).
  • A strong working knowledge of RMF.
  • Bachelors and ten (10) years or more of related experience; Masters and eight (8) years or more experience ; PhD or JD and two (2) years or more experience. In lieu of a degree an additional 4 years of experience is required.

A Secret security clearance is required for this position.



Overview

SAIC is a premier technology integrator solving our nation's modernization and readiness challenges. Our offerings across defense, space, civilian, and intelligence markets include high-end solutions in engineering, IT, and mission outcomes. We integrate the best components from our portfolio with our partner's ecosystem to deliver innovative and effective solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, VA, SAIC has annual revenues of nearly $7.1 billion. For information, visit saic.com or Working at SAIC for benefits details. SAIC is an Equal Opportunity Employer empowering people no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status. We strive to create a diverse, inclusive and respectful work culture that values all.

Share: mail