SAIC
Description
SAIC is seeking qualified applicants for RMF Engineer/ISSM (Information Systems Security Manager) to provide Risk Management Framework (RMF) in support of the North American Aerospace Defense Command/United States Northern Command (N&NC) Information Technology (IT) Enterprise Services (NITES) contract, with primary work onsite in Colorado Springs.
The candidate selected for this position:
Oversees system registration and record within eMASS to support the Risk Management Framework (RMF) process and authorization for N&NC Enterprise to ensure compliance and mitigate risk
Assure standards consistent to meet and exceed standards to minimize risks and remain Cyber Operational Readiness Assessment (CORA) ready status
Manage continuous Cyber Security posture of enterprise systems and identify mitigations to meet DoDD 8500.01, DoDI 8510.01, DoDD 8140.01, and NIST SP800-53
Understands scans from ACAS, SCAP, and/or other approved tools to determine security posture of systems to develop/maintain Authority to Operate (ATO) for systems and enclaves
Refine the determination of the system categorization is accordance with CNSSI 1253 in areas of Confidentiality, Integrity, and Availability as information types and system interconnections change
Manage development/maintenance of Security Plans, ensuring proper Security Technical Implementation Guides (STIGs) are applied for each system and enclave
Ensure that all findings are properly documented in the Plan of Action and Milestones (POA&M) on an on-going basis
Create and refine correct policies, procedures, and artifacts necessary to ensure controls are met
Qualifications
Required:
BS with 5 years experience or equivalent work experience in the Information Assurance / Cybersecurity field. Additional years of experience can be considered in lieu of a degree
TS/SCI security clearance
Certification required per DoDD 8140.03, current CISSP, CISM, GSLC, or equivalent Advanced level ISSM certification
2+ years of experience as a primary ISSO or security compliance lead for an IT system
Direct experience in RMF artifacts and eMass tracking of records
Experience creating, tracking, and completion of Plans of Action and Milestones (POA&Ms) for resolving security control deficiencies
Guide working groups and teams for Milestone Reviews, Configuration Management, etc.
Prepare/conduct cybersecurity presentations and make cybersecurity risk recommendations
Provide status updates to System Owners and leadership
Provide monthly status report to reflect the activities accomplished, issues, and path forward
Desired:
Security Information and Event Management (SIEM) Experience
Ability to work in a team focused, dynamic environment
Cross Domain Solutions Certification Experience
Must be flexible, independent, and self-motivated
Must be punctual with regular and consistent attendance
Target salary range: $80,001 - $120,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
REQNUMBER: 2509484
SAIC is a premier technology integrator, solving our nation's most complex modernization and systems engineering challenges across the defense, space, federal civilian, and intelligence markets. Our robust portfolio of offerings includes high-end solutions in systems engineering and integration; enterprise IT, including cloud services; cyber; software; advanced analytics and simulation; and training. We are a team of 23,000 strong driven by mission, united purpose, and inspired by opportunity. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $6.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see Working at SAIC. EOE AA M/F/Vet/Disability
SAIC is seeking qualified applicants for RMF Engineer/ISSM (Information Systems Security Manager) to provide Risk Management Framework (RMF) in support of the North American Aerospace Defense Command/United States Northern Command (N&NC) Information Technology (IT) Enterprise Services (NITES) contract, with primary work onsite in Colorado Springs.
The candidate selected for this position:
Oversees system registration and record within eMASS to support the Risk Management Framework (RMF) process and authorization for N&NC Enterprise to ensure compliance and mitigate risk
Assure standards consistent to meet and exceed standards to minimize risks and remain Cyber Operational Readiness Assessment (CORA) ready status
Manage continuous Cyber Security posture of enterprise systems and identify mitigations to meet DoDD 8500.01, DoDI 8510.01, DoDD 8140.01, and NIST SP800-53
Understands scans from ACAS, SCAP, and/or other approved tools to determine security posture of systems to develop/maintain Authority to Operate (ATO) for systems and enclaves
Refine the determination of the system categorization is accordance with CNSSI 1253 in areas of Confidentiality, Integrity, and Availability as information types and system interconnections change
Manage development/maintenance of Security Plans, ensuring proper Security Technical Implementation Guides (STIGs) are applied for each system and enclave
Ensure that all findings are properly documented in the Plan of Action and Milestones (POA&M) on an on-going basis
Create and refine correct policies, procedures, and artifacts necessary to ensure controls are met
Qualifications
Required:
BS with 5 years experience or equivalent work experience in the Information Assurance / Cybersecurity field. Additional years of experience can be considered in lieu of a degree
TS/SCI security clearance
Certification required per DoDD 8140.03, current CISSP, CISM, GSLC, or equivalent Advanced level ISSM certification
2+ years of experience as a primary ISSO or security compliance lead for an IT system
Direct experience in RMF artifacts and eMass tracking of records
Experience creating, tracking, and completion of Plans of Action and Milestones (POA&Ms) for resolving security control deficiencies
Guide working groups and teams for Milestone Reviews, Configuration Management, etc.
Prepare/conduct cybersecurity presentations and make cybersecurity risk recommendations
Provide status updates to System Owners and leadership
Provide monthly status report to reflect the activities accomplished, issues, and path forward
Desired:
Security Information and Event Management (SIEM) Experience
Ability to work in a team focused, dynamic environment
Cross Domain Solutions Certification Experience
Must be flexible, independent, and self-motivated
Must be punctual with regular and consistent attendance
Target salary range: $80,001 - $120,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
REQNUMBER: 2509484
SAIC is a premier technology integrator, solving our nation's most complex modernization and systems engineering challenges across the defense, space, federal civilian, and intelligence markets. Our robust portfolio of offerings includes high-end solutions in systems engineering and integration; enterprise IT, including cloud services; cyber; software; advanced analytics and simulation; and training. We are a team of 23,000 strong driven by mission, united purpose, and inspired by opportunity. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $6.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see Working at SAIC. EOE AA M/F/Vet/Disability