Job Description
Description
SAIC team currently has an opening for a Senior Information Security Analyst to support a Department of State (DoS) Bureau of Information Resource Management (IRM) program. This program provides transparent, interconnected systems security; supporting the DoS in successfully carrying out its U.S. foreign policy mission. IRM provides enterprise architecture design, engineering, cyber security, operations and maintenance support services for desktops, servers, networks, firewalls, and enterprise applications across the Department. The Program is named "Vanguard 2.2.1" and is an IT operations, consolidation and modernization program consisting of the Department's servers, mainframes, network devices, network perimeter, anti-virus engineering, public key infrastructure (PKI)/biometrics/encryption, monitoring tools, telephony, mobile computing platform, virtual environment, cloud computing, and enclave design/security engineering.
Job Description
This position is within the Vanguard 2.2.1 program supporting steps 1 through 3 and step 6 of the Risk Management Framework’s (RMF) Assessment and Authorization (A&A) process for DoS systems. Steps 1 through 3 and 6 are the primary responsibility of system owners; ensuring security related documentation is finalized and security control compliance is validated prior to submission to independent assessors. This position will require significant interaction with the DoS and contractor staff and with the DoS Cyber Operations Directorate within IRM. The work location is in the Washington, D.C. Metropolitan area but may require CONUS travel for short trips.
Responsibilities include:
- Providing system owner support throughout the A&A process by providing guidance to, and coordinating the efforts of, relevant system operators across the environment.
- Working collaboratively with system owners and operators to complete system security plans (SSPs) and continuity of operations plans (CoOPs), respond to SCA findings, establish and execute Plans of Action and Milestones (POA&Ms), and identify, implement and document mitigating controls.
- Compiling and submitting A&A packages for independent security control assessor (SCA) review and assessment.
- Optimize the process for centrally tracking and reporting on security-related status for all IRM systems (i.e. ATO status, POA&M status, etc.)
- Supporting and interacting with customers, at the highest levels, as required.
Qualifications
Required Education, Experience, & Skills
- Bachelors degree in a related field and six (6) years or more experience; Masters and three (3) years or more experience;
- Hands-on experience with traditional A&A using NIST Special Publications (SPs) including SP800-53 Rev 4, SP800-37 Rev 2 and CNSSI 1253. (Only having DIACAP or DITSCAP experience is not acceptable).
Required Clearance
- All candidates for consideration must hold a Secret clearance with eligibility to obtain Top Secret clearance.
Desired Education & Skills
- A&A-related project leadership experience
- One of the following certifications:
- ISACA Certified Information Systems Auditor (CISA)
- SCP Security Certified Network Architect (SCNA)
- (ISC)2 Certified Authorization Professional (CAP)
- GIAC Systems and Network Auditor (GSNA)
- (ISC)2 Certified Information Systems Security Professional (CISSP)
- GIAC Security Leadership (GSLC)
- ISACA Certified Information Security Manager (CISM)
- PMI Project Management Professional (PMP) certification
- A relevant hands-on technical certification (e.g., Microsoft MCSE)
- Experience with, and knowledge of, IT security architecture and engineering
- Familiarity with DoS environment (data and voice networks, IT security systems, policies and procedures), Foreign Affairs Handbooks (FAHs), Foreign Affairs Manuals (FAMs) and DoS IRM/IA C&A Tool Kit, and DIACAP
Overview
SAIC is a premier technology integrator solving our nation's modernization and readiness challenges. Our offerings across defense, space, civilian, and intelligence markets include high-end solutions in engineering, IT, and mission outcomes. We integrate the best components from our portfolio with our partner's ecosystem to deliver innovative and effective solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, VA, SAIC has annual revenues of nearly $7.1 billion. For information, visit saic.com or Working at SAIC for benefits details. SAIC is an Equal Opportunity Employer empowering people no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status. We strive to create a diverse, inclusive and respectful work culture that values all.
