SAIC is seeking a Principal Cyber Security Analyst to serve as NC3 Cybersecurity Analysts providing subject matter expertise as the focal point for all cybersecurity and Assessment and Authorization (A&A) activities supporting the Nuclear Command, Control, and Communication (NC3) Authorizing Official (AO).
This position is responsible for:
- Risk Management Framework (RMF) Assessment and Authorization (A&A) activities for NC3 systems and networks
- Providing cybersecurity advice, guidance, and assistance to the Authorizing Officials (AO) and staff, assigned Program Managers, Systems Managers, Security Control Assessors (SCAs) and Information System Security Managers (ISSMs)
- Packaging and review of A&A products created by the Program Management Offices (PMO) to comply with National, DoD, and USSTRATCOM NC3 cybersecurity policies
- Providing cybersecurity analysis supporting authorization decisions, risk analyses, mitigation strategies, and Federal and DoD cybersecurity compliance to ensure the confidentiality, integrity, and availability of NC3 Systems
- Work within the AO staff to provide solutions to cybersecurity process and technical challenges within the program in order to efficiently lead the A&A approvals process, oversee cybersecurity compliance efforts, analyze and minimize operational risk to the systems
The Principal Cyber Security Analyst/leader will possess a thorough understanding in a wide range of security tools, techniques and procedures, including the following efforts:
- Identifies cybersecurity vulnerabilities in DOD’s NC3 systems and networking assets; determines mission risk and consults with and develops technical recommendations for CC/S/A owners on measures for mitigating cybersecurity risks ensuring delivery of a viable and robust NC3 cybersecurity posture.
- Reviews and evaluates NC3 security reports for cybersecurity issues; develops new methods and techniques to ensure actions are taken to correct and/or mitigate issues on DoD NC3 systems.
- Provides NC3 systems cybersecurity briefings, analysis, and recommendations for implementation to senior leaders as required.
- Analyze NC3 system cybersecurity assessments and findings, de-conflict, and normalize recommendations to senior leaders based upon assessment activities and results sought from varied venues. Provide summary of assessments within 2 days, highlighting newly identified vulnerabilities.
- Drafts, coordinates, and presents mission risk to NC3 missions IAW DoDI 8510.01. Assessments and products will be completed IAW SI 311-02 and will normally be technically accurate and include the most current information available.
- Researches, interprets, and analyzes broad guidance from Chairman Joint Chiefs of Staff (CJCS), Department of Defense (DOD), and other national regulations, policies, and guidelines
- Integrate changing DOD cybersecurity policies and USSTRATCOM NC3 initiatives through updates to Strategic Instructions, input on routine document reviews, and maintaining published guidance to the NC3 community.
- Conduct formal coordination via JSAP (and other methods) for event driven NC3 cybersecurity community tasking’s and follow SI 901-02 for coordination and memorandums requiring flag-level signature.
- Maintain USSTRATCOM policies, procedures, methodologies, and the analytical framework to support accomplishment of cybersecurity information system and mission risk assessments for NC3 systems/missions.
- Researches, analyzes and understands the interrelationships between systems within a functional mission area.
- Develops/updates/maintains the analytical framework and methodologies based on higher level guidance to assess mission risk within a functional mission area based on system level impacts.
- Establishes, develops, and maintains effective working relationships and partnerships with Combatant Commands, Services, and Agencies to promote NC3 cybersecurity efforts and USSTRATCOM's NC3 cybersecurity vision.
- Participates in special projects and initiatives and performs special assignments. Identifies the need for special projects and identifies milestones and goals.
- Develops agendas, decision topics, obtains briefings and information papers for meetings.
- Ensures accurate documentation of meeting action items and minutes for Senior Staff review
- Three-year’ experience working with the DOD cybersecurity major driving policies- DoD 8510.01 (RMF), DoDI 8500 series (Cybersecurity), and CNSSI 1253
- Experience in RMF process across the Navy, Air Force, Space Force, and Intelligence cybersecurity communities
- Three-year’ experience as Cybersecurity Analyst on DOD projects and/or systems of similar scope
- DoD-M 8570.1-M certified at all times, with new hires taking no more than 6 months to obtain the relevant certification
- One year of experience working with SharePoint and website management, Microsoft Excel experience
TYPICAL EDUCATION AND EXPERIENCE: Bachelors and two (2) years or more experience; Masters and 0 years related experience.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.
SAIC® is a premier Fortune 500® technology integrator driving our nation's technology transformation. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes secure high-end solutions in engineering, digital, artificial intelligence, and mission solutions. Using our expertise and understanding of existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions that are critical to achieving our customers' missions.
We are more than 26,500 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer, fostering a respectful work culture based on diversity, equity, and inclusion that values all contributors. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.1 billion. For more information, visit saic.com.