Today
Secret
Unspecified
Unspecified
IT - Security
Middletown, RI (On-Site/Office)
Description
SAIC is seeking a Senior Cyber GRC Analyst to work in Middletown, RI. The ideal candidate will leverage technical and information assurance (IA) expertise to monitor our customers' computing systems, networks, and environments to detect, correct, and mitigate security policy non-compliance, vulnerabilities, and risks that potentially jeopardize national security. You will have the opportunity to work with multi-disciplined engineering teams and organizations to develop and implement security strategies to mitigate security risks for mission-critical information systems, networks, and computing environments. Your talents, perspectives, and efforts will contribute directly to the safeguarding of valuable weapon systems and data, ensuring positive mission outcomes. Role may include travel.
Job Duties:
Qualifications
Qualifications:
SAIC is seeking a Senior Cyber GRC Analyst to work in Middletown, RI. The ideal candidate will leverage technical and information assurance (IA) expertise to monitor our customers' computing systems, networks, and environments to detect, correct, and mitigate security policy non-compliance, vulnerabilities, and risks that potentially jeopardize national security. You will have the opportunity to work with multi-disciplined engineering teams and organizations to develop and implement security strategies to mitigate security risks for mission-critical information systems, networks, and computing environments. Your talents, perspectives, and efforts will contribute directly to the safeguarding of valuable weapon systems and data, ensuring positive mission outcomes. Role may include travel.
Job Duties:
- Categorizes systems and information stored/processed on the system based on FIPS199 and/or NIST 800-60.
- Selects initial baseline of applicable security controls based on FIPS 200 and/or NIST 800-53.
- May supplement the baseline with further security controls in accordance with organizational policy. Implements security controls based on numerous NIST Special Publication guidance documents, including 800-34, 800-64, and 800-128.
- Specifically and functionally documents implemented security controls.
- Assesses security controls based on NIST 800-53A to ensure they are implemented correctly and effectively.
- May perform testing to verify and validate.
- Ensures systems are authorized based on NIST 800-37.
- Ensures continuous monitoring is achieved based on NIST 800-137, 800-37, 800-53A, and/or other special publications.
- May perform internal auditing functions in support of ISO/IEC standards, such as 9000, 20000, 27001, etc.
- May work with external auditors to ensure these actions have been performed to industry standards.
- May perform policy analysis activities to author or support the authoring of new enterprise policy.
Qualifications
Qualifications:
- B.S. Degree in a STEM field and nine (9) years of experience; years of experience accepted in lieu of degree.
- Must already possess minimum of interim SECRET clearance with the ability to obtain and maintain TOP SECRET clearance.
- Strong understanding of DoD security policies and guidelines, including Risk Management Framework (RMF).
- Experience with managing and implementing security controls and requirements for DoD information systems.
- Experience with conducting security assessments.
- Familiarity with security technologies such as firewalls, intrusion detection and prevention systems, and vulnerability assessment tools.
- Excellent written and verbal communication skills.
- Ability to work independently and in a team environment.
- Ability to travel as required.
- DoD 8570 IAT Level III or IAM Level II+ (CISSP, CISM, CCNP Security, CISA, CASP+).
- Experience with SSBN/Ballistic Missile Submarines and Navy combat/weapon systems is extremely desired.
group id: 10111346
