SAIC has a funded need for an Information System Security Officer (ISSO) to support a rapidly expanding Government Intelligence Community (IC) customer within the National Reconnaissance Office (NRO) in Chantilly, VA.
This customer is responsible for designing, building, and operating national security-related systems based in space, in the air, and on the ground.
- Implementation of security policies for customer environments
- Provide management briefings on the security posture and compliance status of assigned system(s)
- Conduct continuous monitoring (ConMon) and periodic self-inspections of computer systems to ensure security compliance with enterprise guidance and other policy directives, proactively report progress to team members/management, and make recommendations for improvements as needed
- Review Tenable Nessus security scans, communicate vulnerabilities to technical stakeholders, and track them to remediation
- Support customer responses to ongoing information system audits
- Ensure configuration management is appropriate for all Information Systems (IS) software and hardware
- Ensure change control requirements are documented and tracked
- Participate in security log and audit trail reviews in accordance with established schedules
- Conduct periodic reviews of Privileged User (PU) accounts (Developer, Admin, etc.)
- Assist in the creation of new policies/procedures as needed
- Oversee Secure Configuration and Change Management, Event Management, Vulnerability Management, Security Incident Management, POA&M Management, Reauthorization, and Decommissioning of customer IT asset environments
- Collaborate with the System Owner to maintain Approval to Operate (ATO), including the resolution of any Plans of Action & Milestones (POA&M) documents
- Maintain and validate account and vulnerability management
- Provide security design guidance and analysis to the project team throughout the RMF process
- Perform reviews of technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommended mitigation strategies
- Maintain a McAfee Data Loss Prevention (DLP) process to investigate, track, and mitigate security incidents.
- Responsible for maintaining security services tools within the Risk Management Framework (RMF).
Required Education and Experience
- 9 years of related experience OR Bachelors and five (5) years or more experience; Masters and three (3) years or more experience; PhD and 0 years related experience
- Current CompTIA Security+ CE cert, CISSP, OR CASP+ CE certification
- Top Secret/SCI security clearance with a Poly
- Experience with ServiceNow, McAfee ePolicy Orchestrator (ePO), AND/OR Tenable SecurityCenter (SC)
- Experience with HBSS, EVSS, AND/OR EITA bundle onboarding functions and corresponding tool suite
- Possess skills including organizing, scheduling, conducting, and coordinating work assignments to meet project milestones or established completion dates.
- Should be a self-starter who is proactive, efficient with their time, and able to prioritize tasks on a daily basis.
- Experience with computer networks, applications, processes and accesses.
- Be customer-focused and possess the ability to identify issues, analyze, and interpret data and develop solutions to a variety of moderately complex technical problems.
- Demonstrate strong interpersonal skills to effectively interface with all levels of employees and be able to represent the organization as a knowledgeable resource.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.
SAIC® is a premier Fortune 500® technology integrator driving our nation's technology transformation. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes secure high-end solutions in engineering, digital, artificial intelligence, and mission solutions. Using our expertise and understanding of existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions that are critical to achieving our customers' missions.
We are more than 26,500 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer, fostering a respectful work culture based on diversity, equity, and inclusion that values all contributors. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.1 billion. For more information, visit saic.com.