SAIC is seeking a Cyber Analyst – RMF in Tampa, FL. The Cyber Analyst – RMF will work with multiple Project Engineering Teams to plan, execute, and implement the Defense Information Assurance Certification and Accreditation Process (DIACAP) and future Risk Management Framework for Department of Defense Information Technology (RMF for DoD IT). Will work with multiple Project Managers, Cyber Security Engineers, System Administrators, and Test Lab personnel to assess and validate USCENTCOM's security posture as new IT applications and systems are added or reaccredited within the USCENTCOM enterprise. Participate as a member of integrated government/contractor teams of technical and functional experts.
Role & Responsibilities include:
- IA scanning and auditing, incident handling and response specifically targeted towards computer incident response and restoration of a secure operating environment, investigation of intrusion events and attempts and analysis of exploits.
- Analytical support will include research and development of IA/CND concepts, policies, and strategies, particularly within the national security framework.
- Review and provide recommendations for process improvements to improve execution and compliance with Cross Domain Solution (CDS) management. Participates in CDS related workshops, meetings, and conferences including but not limited to Defense IA/Security Accreditation Working Group (DSAWG), Cross Domain Technical Advisory Board (CDTAB)/Cross Domain Solutions Assessment Panel (CDSAP) and others as required.
- Engage with technical experts within USCENTCOM and coordinate with Unified Cross Domain Services Management Office (UCDSMO), Department of Defense (DoD), National Security Agency (NSA), Intelligence Community (IC) Agencies, Cross Domain Solution vendors, and the Cross Domain Solution user community to identify and solve information sharing and security challenges.
- Billet requires candidate to be deployment capable as position may require short deployments to the USCENTCOM Area of Operation.
- Bachelors and five (5) years or more experience; Masters and three (3) years or more experience; PhD and 0 years related experience.
- Must meet DoD 8570.01-M minimum of IAT Level II Certification (i.e. Security +).
- Active Top Secret/SCI clearance is required.
- 5+ Years of experience producing and maintaining DoD Certification & Accreditation Packages (DIACAP).
- 5+ Years of experience understanding and implementing DoD, DISA, Joint Staff, CNSSI and NIST cybersecurity instructions, publications and policies.
- 5+ Years of experience in understanding and validating DISA Security Technical Implementation Guides (STIGs); DISA Security Requirements Guides (SRGs), National Security Agency Security Configuration Guides.
- 5+ Years of experience in understanding and validating NIST 800-53 Security Controls; CNSSI 1253 Security Controls and Overlays.
- 1+ Years of experience with Enterprise Mission Assurance Support Service (eMASS).
- Be familiar with the Cross Domain Solution Phases connection process.
- Be familiar with the Joint Vulnerability Assessment Process (JVAP).
- Be familiar with the SIPRNet Global Information Grid (GIG) Interconnection Approval Process System (SNAP) Database.
- Demonstrated knowledge of Cyber Security and enterprise cyber security solutions.
- Reviewing, validating, and prioritizing cross domain requirements.
- Ability to draft Cross Domain Solution Security Test and Evaluation (ST&E) Plans and Procedures.
- Have knowledge on the access to information regarding cross domain requirements, implementations, installations, and configurations within the organization.
- Ability to coordinate all pertinent cross domain issues with the Unified Cross Domain Management Office.
- Provide coordination and support for the organizations cross domain related risk management framework activities.
- Have knowledge of the available cross domain solution capabilities provided by Enterprise Services (ES) and the Unified Cross Domain Management Office Cross Domain baseline list.
- Ensuring that new cross domain developments are fully coordinated with the Unified Cross Domain Management Office; are in line with the goals and objectives of the Cross Domain Community Roadmap and; fill identified capability gaps.
- Must be able to work independently and have briefing, writing and customer interface skills.
- Experience with Assured Compliance Assessment Solution (ACAS/NESSUS), eEye Retina, DISA Security Content Automation Protocol (SCAP), Host Based Security System (HBSS); Vulnerability Management System (VMS); Continuous Monitoring and Risk Scoring (CMRS) cybersecurity applications and tools.
- Experience briefing senior military and civil service employees.
- Must have a valid US Passport and be deployment capable as position may require short deployments to the USCENTCOM Area of Operation.
- Have an understanding of the new Risk Management Framework for DoD Information Technology (RMF for DoD IT)
COVID Policy: Prospective and/or new employees are required to adhere with SAIC's vaccination policy. All SAIC employees must be fully vaccinated and they must submit proof of vaccination on their first day of employment. Prospective or new employees may seek an exemption to the vaccination requirement at Contact Us
and must have an approved exemption prior to the start of their employment. Where work is performed strictly at a customer site, customer site vaccination requirements preempt SAIC's vaccination policy.
SAIC® is a premier Fortune 500® technology integrator driving our nation's technology transformation. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes secure high-end solutions in engineering, digital, artificial intelligence, and mission solutions. Using our expertise and understanding of existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions that are critical to achieving our customers' missions.
We are more than 26,500 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer, fostering a respectful work culture based on diversity, equity, and inclusion that values all contributors. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.1 billion. For more information, visit saic.com.