Vacancy expired!
Job ID: 2303490
Location: HUNTSVILLE, AL, USDate Posted: 2023-03-13Category: CyberSubcategory: Cybersecurity SpecSchedule: Full-timeShift: Day JobTravel: Yes, 25 % of the TimeMinimum Clearance Required: Interim SecretClearance Level Must Be Able to Obtain: Top SecretPotential for Remote Work: NoDescription SAIC has an opportunity for a Senior Cybersecurity Analyst documenting security controls and creating Authority to Operate (ATO) packages. The scope of work for the position includes principal-level Cybersecurity leadership supporting INDOPACOM J73, Advanced Prototyping Engineering and Experimentation (APEX) Lab, and the Integrated Collaborative Environment (ICE). NOTE: This position is located on Redstone Arsenal Alabama, but can require up to 25% travel to Hawaii. This position is a hybrid position that allows work from home for unclassified work and on site for classified work. The position supports a flex work schedule with every other Friday off. Job Description:- Documenting security controls in SSP per NIST SP 800-53A rev4
- Create Authority to Operate (ATO) packages
- Validate vulnerability/risk assessment analysis to support accreditation
- Utilize various information system inspection tools to audit systems, analyze potential vulnerabilities and identify mitigation approaches
- Conduct technical evaluation of information system designs, focusing on information security aspects and accreditation
- Review completion and implementation of system additions and enhancements, and makes recommendations to management
- Determine system specifications, input/output processes, and working parameters for hardware and software compatibility
- Assist and review program documentation to include RMF reports, accreditation packages, and security policy guides using NIST 800-53A guidance
- Experience using Government, Risk Compliance (GRC) tools (i.e. Cyber Security Assessment and Management (CSAM), eMASS, XACTA, ect)
- Experience developing Standard Operating Procedures (SOP), After-Action Reports, and Policy and Procedure documents
- Experience documenting security controls in a System Security Plan (SSP) and how the controls are being implemented
- Experience working with Authority to Operate (ATO) packages for both on-premises, and Cloud environments
- Familiar with Risk Management Framework (RMF), Cloud Security Requirements Guide (SRG), National Institute of Standards and Technology (NIST) guides, and Security Technical Implementation Guide (STIG)
- Understanding of the DOD requirements for the Network Topology, System Security Boundary, and Data Flow Diagrams
- Must have a current DoD IAM Level III certification (i.e. CISM, CISSP, GSLC, etc)
- Must be able to obtain a full Secret Clearance; Interim Secret required prior to start, SAIC will help to obtain
- Must be a current US Citizen
Vacancy expired!