SAIC has an opportunity for a Lead Cybersecurity Specialist to support the US Army Corps of Engineers Revolutionary IT Services (USACE RITS) program.
This is a 100% virtual / work from home / remote position located anywhere in the CONUS.
The USACE RITS contract will provide modern and secure enterprise-wide IT support services to approximately 37,000 USACE customers located throughout the CONUS and OCONUS. Services will support the mission needs of USACE’s Headquarters (HQs) located in Washington, D.C., nine Divisions and 43 Districts, to include over 1,500 field and area project offices and two data centers that are currently located in Vicksburg, Mississippi, and Hillsboro, Oregon.
The ideal candidate will support USACE OCIO/G-6 cyber plans and exercises as well as RMF and audits to assess, evaluate and update the USACE OCIO/G-6 cyber posture in eMASS. The candidate will need the skills and abilities to supervise teams that:
- Administer the development, planning, and exercises to be performed.
- Attend exercise planning conferences, provide expert advice for development of planning documentation, participate during exercise and other security cooperation events, and prepare AARs and lessons learned during all phases of DCO support exercises.
- Support mission planning, mission analysis, technical analysis, and Concept of Operations (CONOPs).
- Develop and/or provide input to OPORDs, CONOPs, and courses of action.
- Support management and planning operations by submitting mission requests, providing status reports, and submitting AAR comments.
- Categorize agency information systems
- Select security controls
- Implement security controls
- Produce and provide security control artifacts required by DISA for interim authority to connect and authority to connect
- Assess security controls
- Authorize information systems and provide Information System Security Manager (ISSM) services to include cloud, hybrid and on-premise systems.
- Monitor security state
- Capture, assess, maintain, and report asset information and provide an assessment report, identifying issues related to capturing of data and/or storage of data
- Ensure notification and tracking of significant incidents that meet Command Cyber Readiness Inspection (CCRI) criteria.
- Provide support for inspections, audits, and external reviews, including pre- and post-audit support.
- Provide audit readiness assessments. Assessments include, but are not limited to:
- Review of documentation for accuracy.
- Provide status of STIG, vulnerability, misconfigurations, etc.
- Provide Category (CAT) I, II or III remediation statistics.
- Estimate CCRI Scoring based on JFHQ-DoDIN CCRI Scoring, CCRI Phase IV Grading Criteria Worksheet, and CCRI Risk Indicator Scoring.
- Identify key issues affecting the defense of the USACE networks and cyber posture.
- Identify systemic causes of any assessment finding, pre-audit and post-audit, and develop recommended courses of corrective actions.
- Develop and disseminate mitigation/remediation guidance throughout the organization.
- Ensure participation in any meetings, to include travel for any assessment, pre-audit, audit, and post-audit.
- Analyze and comply with assigned OPORDs/taskers within the assigned suspense date, making recommendations to service owners.
- Review, draft, and obtain technical input for OPORDs, Fragmentary Orders, TASKORDs, and other system-requirements documentation.
- Test and implement procedures to mitigate vulnerabilities or comply with other actions in the OPORD/tasker.
- Develop POA&M and OISs within timelines of individual orders.
- Track all assigned OPORDs/taskers and approved POA&Ms until completion and acceptance by the Government.
- Support pre-pen testing efforts:
  - Provide device and system availability for testing.
  - Provide network drawings/design documentation in accordance with classification requirements and policies.
  - Provide internal and external network configurations required to perform pen-testing.
- Support pen-testing activities:
  - Escort pen-test and Red Team personnel during on-site activities.
  - Support pen-test exercises as directed by the Government.
  - Provide a liaison between on-site pen-test and Red Team and Government personnel, documenting activities, findings, incidents, and weaknesses.
- Support post-pen testing and Red Team efforts:
  - Provide analysis of pen-testing results, including a summary of security weaknesses, risks to CorpsNet and SIPRNet, and recommendations to secure the weaknesses identified.
  - Implement approved security recommendations in accordance with USACE OCIO/G-6 directives.
EDUCATION AND EXPERIENCE:
Bachelor's and fourteen (14) years or more experience; Master's and twelve (12) years or more experience; PhD or JD and nine (9) years or more experience.
Must have or be able to obtain a TS/SCI clearance.
Must have the baseline certification to satisfy IAM III requirements in accordance with DOD 8140/8570 (e.g. CISSP).
COVID Policy: Prospective and/or new employees are required to adhere to SAIC's vaccination policy. All SAIC employees must be fully vaccinated and they must submit proof of vaccination on their first day of employment. Prospective or new employees may seek an exemption to the vaccination requirement at Contact Us and must have an approved exemption prior to the start of their employment. Where work is performed strictly at a customer site, customer site vaccination requirements preempt SAIC's vaccination policy.
Target salary range: $125,001 - $150,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
SAIC® is a premier Fortune 500® technology integrator driving our nation's technology transformation. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes secure high-end solutions in engineering, digital, artificial intelligence, and mission solutions. Using our expertise and understanding of existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions that are critical to achieving our customers' missions.
We are more than 26,500 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer, fostering a respectful work culture based on diversity, equity, and inclusion that values all contributors. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.1 billion. For more information, visit saic.com.