SAIC is seeking a IA System Security Engineer to support our Air Force Modeling/Simulation (AFMS) program out of Vandenburg, CA.
AFMS is the premier agency responsible for implementation, integration, and development of Modeling and Simulation (M&S) and training and analysis standards that support the US Air Force (USAF), Department of Defense (DoD), and mission partners requiring these capabilities to support the Warfighter in full-spectrum operations. As the lead agent for M&S within the USAF, AFMS gathers requirements, seeks out potential solutions, and integrates legacy and emerging M&S solutions across the USAF and the DoD. The USAF has an M&S initiative that focuses on providing simulation and synthetic training as the critical capability to augment live training, act as an enabler for critical decision-making, and enhance human performance. In the current resource constrained environment, demand for M&S rises with the continuously evolving need for operational readiness and mission preparedness across the USAF, DoD, and with coalition partners. AFMS focuses on providing innovative M&S services as the key to meeting this demand.
This position supports the 2nd Range Operations Squadron (2 ROPS), 30th Space Wing at Vandenberg SFB, CA.
The Information System Security Engineer will:
- Ensure system development follows the RMF 6-step process IAW DoDI 8510.01.
- Determine the required levels of Confidentiality, Integrity, and Availability for the systems under development and select appropriate controls
- Develop RMF artifacts in support of obtaining ATCs, IATTs, and ATOs for Combat Development Division (CDD)-Western Range (WR) CDD-WR telemetry systems under development
- Develop, manage, and update System Security Plan and assessment and authorizations packages and provide any change to the ISSM or designee
- Document all findings and decisions for each applicable control
- Manage hardware and software lists provided by the system’s developer; ensure the most current template is utilized that can be exported and imported from Enterprise Mission Assurance Support Service (eMASS)
- Deliver RMF artifacts to the CDD-WR for inclusion in RMF packages
- Assist the Government/ISSM in reviewing all cybersecurity documents as required for RMF process
- Provide recommendations for Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG) implementation and risk mitigations, using cybersecurity training and experience, to the CDD-WR
- Produce list of applicable DISA Security Technical Implementation Guides (STIGs) for the system
- Assess and provide tactical and strategic management of cybersecurity for CDD-WR portfolio, including the development of cybersecurity policy, strategies, and plans incorporating high-level directives, as well as the translation of strategic cybersecurity posture into specific cybersecurity requirements
- Maintain open lines of communication with development engineers and support personnel within the CDD-WR for accurate portrayal of systems within artifacts and to ensure awareness of completion status and timelines
- Provide continuous support in monitoring affected system after ATO is achieved to include
- Perform vulnerability and compliance scans of CDD-WR systems using DISA’s Assured Compliance Assessment Solution (ACAS)/Tenable Nessus
- Perform the necessary scans of CDD-WR systems using the most current, official criteria for inclusion in the RMF packages and in support of the development of the Plan of Actions and Milestones (POA&M)
- Assess and verify that cybersecurity requirements addressed at an acceptable level of risk in architecture specifications.
- Assess and present program cybersecurity and protection issues, and recommend solutions, mitigation, or corrective actions through the risk management process of the CDD-WR portfolio/programs.
- Support and facilitate CDD-WR cybersecurity Integrated Working Group meetings.
- Coordinate with all 30 SW contractors to validate that appropriate cybersecurity requirements applied to CDD-WR program
The following skills are required:
- DoD 8570.01-m IAM Level II (CAP, CASP+ CE, CISM, CISSP (or Associate), GSLC, CCISO) or higher (CISM, CISSP (or Associate), GSLC, CCISO)
- 3-5 years minimum as an Information System Security Engineer
- Experience in applying information systems security principles, concepts, and methods for RMF, eMASS, and ACAS toolsets and project management principles across IT disciplines and DoD information systems
- Experience in applying security principles to all states of system development from requirements development through operational acceptance
- Experience at the enterprise level in system design and architecture development with modern computer platforms (e.g., OS, cloud computing, datacenter operations)
- Experience in conducting information systems security assessments, evaluating IA and Cybersecurity controls, and conducting and supporting RMF activities
- Experience with Operational Air Force systems
- Bachelors and twelve (12) years or more of related experience or a Masters and ten (10) years or more experience
- Active Secret Clearance
COVID Policy: Prospective and/or new employees are required to adhere with SAIC's vaccination policy. All SAIC employees must be fully vaccinated and they must submit proof of vaccination on their first day of employment. Prospective or new employees may seek an exemption to the vaccination requirement at Contact Us
and must have an approved exemption prior to the start of their employment. Where work is performed strictly at a customer site, customer site vaccination requirements preempt SAIC's vaccination policy.
SAIC® is a premier Fortune 500® technology integrator driving our nation's technology transformation. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes secure high-end solutions in engineering, digital, artificial intelligence, and mission solutions. Using our expertise and understanding of existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions that are critical to achieving our customers' missions.
We are more than 26,500 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer, fostering a respectful work culture based on diversity, equity, and inclusion that values all contributors. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.1 billion. For more information, visit saic.com.