Description
JOB DESCRIPTION:
SAIC is seeking a Principal Security Control Assessor that will possess a thorough understanding in a wide range of security tools, techniques and procedures, including the following efforts:
. Identifies cybersecurity vulnerabilities in DOD's NC3 systems and networking assets; determines mission risk and consults with and develops technical recommendations for CC/S/A owners on measures for mitigating cybersecurity risks ensuring delivery of a viable and robust NC3 cybersecurity posture.
. Reviews and evaluates NC3 security reports for cybersecurity issues; develops new methods and techniques to ensure actions are taken to correct and/or mitigate issues on DoD NC3 systems.
. Provides NC3 systems cybersecurity briefings, analysis, and recommendations for implementation to senior leaders as required.
. Analyze NC3 system cybersecurity assessments and findings, de-conflict, and normalize recommendations to senior leaders based upon assessment activities and results sought from varied venues. Provide summary of assessments within 2 days, highlighting newly identified vulnerabilities.
. Drafts, coordinates, and presents mission risk to NC3 missions IAW DoDI 8510.01. Assessments and products will be completed IAW SI 311-02 and will normally be technically accurate and include the most current information available.
. Researches, interprets, and analyzes broad guidance from Chairman Joint Chiefs of Staff (CJCS), Department of Defense (DOD), and other national regulations, policies, and guidelines
. Integrate changing DOD cybersecurity policies and USSTRATCOM NC3 initiatives through updates to Strategic Instructions, input on routine document reviews, and maintaining published guidance to the NC3 community.
. Conduct formal coordination via JSAP (and other methods) for event driven NC3 cybersecurity community tasking's and follow SI 901-02 for coordination and memorandums requiring flag-level signature.
. Maintain USSTRATCOM policies, procedures, methodologies, and the analytical framework to support accomplishment of cybersecurity information system and mission risk assessments for NC3 systems/missions.
. Researches, analyzes and understands the interrelationships between systems within a functional mission area.
. Develops/updates/maintains the analytical framework and methodologies based on higher level guidance to assess mission risk within a functional mission area based on system level impacts.
. Establishes, develops, and maintains effective working relationships and partnerships with Combatant Commands, Services, and Agencies to promote NC3 cybersecurity efforts and USSTRATCOM's NC3 cybersecurity vision.
. Participates in special projects and initiatives and performs special assignments. Identifies the need for special projects and identifies milestones and goals.
. Develops agendas, decision topics, obtains briefings and information papers for meetings.
. Ensures accurate documentation of meeting action items and minutes for Senior Staff review.
Qualifications
Qualifications - External
TYPICAL EDUCATION AND EXPERIENCE: Bachelors and nine (9) years or more experience; Masters and seven (7) years or more experience ; PhD or JD and four (4) years or more experience.
Clearance required to start: Top Secret/SCI or DoE Q Must be a US citizen required certification compliance:
Three-year' experience working with the DOD cybersecurity major driving policies- DoD 8510.01 (RMF), DoDI 8500 series (Cybersecurity), and CNSSI 1253
Experience in RMF process across the Navy, Air Force, Space Force, and Intelligence cybersecurity communities
Experience creating Plan of Action & Milestones to meet RMF controls, familiarity with eMASS tool, reviewing security artifacts, etc. ,
Three-year' experience as Cybersecurity Analyst on DOD projects and/or systems of similar scope.
DoD-M 8570.1-M certified at all times, with new hires taking no more than 6 months to obtain the relevant certification
Desired Qualifications
One year of experience working with SharePoint and website management, Microsoft Excel experience
SAIC accepts applications on an ongoing basis and there is no deadline.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site. REQNUMBER: 2412017
SAIC is a premier technology integrator, solving our nation's most complex modernization and systems engineering challenges across the defense, space, federal civilian, and intelligence markets. Our robust portfolio of offerings includes high-end solutions in systems engineering and integration; enterprise IT, including cloud services; cyber; software; advanced analytics and simulation; and training. We are a team of 23,000 strong driven by mission, united purpose, and inspired by opportunity. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $6.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see Working at SAIC. EOE AA M/F/Vet/Disability