SAIC is seeking qualified candidates to support the US Air Force Agency for Modeling and Simulation (AFAMS) program.
AFAMS is the premier agency responsible for implementation, integration, and development of Modeling and Simulation (M&S) and training and analysis standards that support the US Air Force (USAF), Department of Defense (DoD), and mission partners requiring these capabilities to support the Warfighter in full-spectrum operations. As the lead agent for M&S within the USAF, AFAMS gathers requirements, seeks out potential solutions, and integrates legacy and emerging M&S solutions across the USAF and the DoD. The USAF has an M&S initiative that focuses on providing simulation and synthetic training as the critical capability to augment live training, act as an enabler for critical decision-making, and enhance human performance. In the current resource constrained environment, demand for M&S rises with the continuously evolving need for operational readiness and mission preparedness across the USAF, DoD, and with coalition partners. AFAMS focuses on providing innovative M&S services as the key to meeting this demand.
The role of this position is to support the Air Force Life Cycle Management Center Simulators Division in Wright Patterson AFB, OH. The IA System Security Engineer will:
- Support Information Owners achieving consistent application and implementation of network and system security policies, countermeasures, and procedures under development and fielded at user sites. Standardize non-technical assessment policies and procedures.
- Provide technical expertise and cybersecurity services to augment and support the Security Control Assessor Representative (SCAR) and Associate Security Control Assessor Representative (ASCAR) functions throughout all security development lifecycles performed within a simulator program’s SDLC.
- Develop and implement Common Control Provider (CCP) security controls and an eMASS program of record.
- Standardize non-technical assessment policies and procedures.
- Develop and distribute Best Practices and Lessons-Learned to the entire simulator fleet.
- Provide cybersecurity expertise and services to support a programs’ ISSMs, ISSOs, and ISSEs.
- Assist Programs with cyber security requirements and cyber security language for RFI's. SOO's and other program developed documents.
- Verify ISSOs are appointed in writing and verify they follow cybersecurity policies and procedures.
- Develop and maintain organizational and program cybersecurity architecture, requirements, objectives and policies, and cybersecurity processes and procedures.
- Manage and update RMF cybersecurity information to include verifying artifacts are entered in eMASS or other AO required format.
- Increase the security posture of programs by ensuring security controls are implemented and working per the ATO.
- Recommend risk mitigation procedures and countermeasures when a cybersecurity incident or vulnerability is discovered.
- Ensure a process is in place for users to report all cybersecurity threats, vulnerabilities, and incidents, whether actual or suspected, are reported to authorities (e.g., ISSO, ISSM, PM).
- Assess the accuracy and completeness of RMF authorization packages IAW the Package Approval Chain (PAC) in eMASS. Reduce the Control Approval Chain (CAC) security control rejection and rework.
- Provide a centralized management approach to create, update, track, and monitor POA&Ms from beginning through final resolution of security findings.
- At customer direction, visit simulator program sites to provide cybersecurity support and services to site personnel to promote and improve simulator security postures and compliance with cybersecurity policies.
- Assess current operations; document simulator security postures to ensure a robust cyber-security Program that complies with FIPS 199 and 200, DoDI 8500.01, DoDI 8510.01, DoDI 5200.39, and AFI 17-101.
- Conduct analysis of findings on unclassified and classified networks and systems.
The following skills are required:
- DoD 8570.1 IAM Level II certification or able to secure within first 90 days post hire.
- 3 - 10 years system security engineering experience conducting information system security assessments; evaluating IA and Cybersecurity security controls; and conducting and supporting RMF activities.
- (Desired) Defense Information Assurance Certification and Accreditation Process (DIACAP) proficiency.
- eMASS and ACAS operations proficiency; formal eMASS/ACAS training desired.
- Bachelors and five (5) years or more of related cybersecurity experience; Masters and three (3) years or more cybersecurity experience .
- A Secret security clearance is required for this position.
SAIC is a premier technology integrator solving our nation's modernization and readiness challenges. Our offerings across defense, space, civilian, and intelligence markets include high-end solutions in engineering, IT, and mission outcomes. We integrate the best components from our portfolio with our partner's ecosystem to deliver innovative and effective solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, VA, SAIC has annual revenues of nearly $7.1 billion. For information, visit saic.com or Working at SAIC for benefits details. SAIC is an Equal Opportunity Employer empowering people no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status. We strive to create a diverse, inclusive and respectful work culture that values all.