SAIC is seeking a Cyber Analyst – RMF in Tampa, FL. The Cyber Analyst – RMF will work with multiple Project Engineering Teams to plan, execute, and implement the Defense Information Assurance Certification and Accreditation Process (DIACAP) and future Risk Management Framework for Department of Defense Information Technology (RMF for DoD IT). Will work with multiple Project Managers, Cyber Security Engineers, System Administrators, and Test Lab personnel to assess and validate USCENTCOM's security posture as new IT applications and systems are added or reaccredited within the USCENTCOM enterprise. Participate as a member of integrated government/contractor teams of technical and functional experts.
Job duties include:
- IA scanning and auditing, incident handling and response specifically targeted towards computer incident response and restoration of a secure operating environment, investigation of intrusion events and attempts and analysis of exploits.
- Analytical support will include research and development of IA/CND concepts, policies, and strategies, particularly within the national security framework.
- Review and provide recommendations for process improvements to improve execution and compliance with Cross Domain Solution (CDS) management. Participates in CDS related workshops, meetings, and conferences including but not limited to Defense IA/Security Accreditation Working Group (DSAWG), Cross Domain Technical Advisory Board (CDTAB)/Cross Domain Solutions Assessment Panel (CDSAP) and others as required.
- Engage with technical experts within USCENTCOM and coordinate with Unified Cross Domain Services Management Office (UCDSMO), Department of Defense (DoD), National Security Agency (NSA), Intelligence Community (IC) Agencies, Cross Domain Solution vendors, and the Cross Domain Solution user community to identify and solve information sharing and security challenges.
- Billet requires candidate to be deployment capable as position may require short deployments to the USCENTCOM Area of Operation.
- Bachelor's Degree in technical discipline or equivalent and 5+ years related experience. 4 years of additional experience will be considered in lieu of degree.
- Must meet DoD 8570.01-M minimum of IAT Level II Certification (i.e. Security +).
- Active Top Secret/SCI clearance is required.
- 5+ Years of experience producing and maintaining DoD Certification & Accreditation Packages (DIACAP).
- 5+ Years of experience understanding and implementing DoD, DISA, Joint Staff, CNSSI and NIST cybersecurity instructions, publications and policies.
- 5+ Years of experience in understanding and validating DISA Security Technical Implementation Guides (STIGs); DISA Security Requirements Guides (SRGs), National Security Agency Security Configuration Guides.
- 5+ Years of experience in understanding and validating NIST 800-53 Security Controls; CNSSI 1253 Security Controls and Overlays.
- 1+ Years of experience with Enterprise Mission Assurance Support Service (eMASS).
- Be familiar with the Cross Domain Solution Phases connection process.
- Be familiar with the Joint Vulnerability Assessment Process (JVAP).
- Be familiar with the SIPRNet Global Information Grid (GIG) Interconnection Approval Process System (SNAP) Database.
- Demonstrated knowledge of Cyber Security and enterprise cyber security solutions.
- Reviewing, validating, and prioritizing cross domain requirements.
- Ability to draft Cross Domain Solution Security Test and Evaluation (ST&E) Plans and Procedures.
- Have knowledge on the access to information regarding cross domain requirements, implementations, installations, and configurations within the organization.
- Ability to coordinate all pertinent cross domain issues with the Unified Cross Domain Management Office.
- Provide coordination and support for the organizations cross domain related risk management framework activities.
- Have knowledge of the available cross domain solution capabilities provided by Enterprise Services (ES) and the Unified Cross Domain Management Office Cross Domain baseline list.
- Ensuring that new cross domain developments are fully coordinated with the Unified Cross Domain Management Office; are in line with the goals and objectives of the Cross Domain Community Roadmap and; fill identified capability gaps.
- Must be able to work independently and have briefing, writing and customer interface skills.
- Experience with Assured Compliance Assessment Solution (ACAS/NESSUS), eEye Retina, DISA Security Content Automation Protocol (SCAP), Host Based Security System (HBSS); Vulnerability Management System (VMS); Continuous Monitoring and Risk Scoring (CMRS) cybersecurity applications and tools.
- Experience briefing senior military and civil service employees.
- Must have a valid US Passport and be deployment capable as position may require short deployments to the USCENTCOM Area of Operation.
- Have an understanding of the new Risk Management Framework for DoD Information Technology (RMF for DoD IT)
SAIC is a premier technology integrator solving our nation's modernization and readiness challenges. Our offerings across defense, space, civilian, and intelligence markets include high-end solutions in engineering, IT, and mission outcomes. We integrate the best components from our portfolio with our partner's ecosystem to deliver innovative and effective solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, VA, SAIC has annual revenues of nearly $7.1 billion. For information, visit saic.com or Working at SAIC for benefits details. SAIC is an Equal Opportunity Employer empowering people no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status. We strive to create a diverse, inclusive and respectful work culture that values all.