Posted 6 days ago
Top Secret/SCI
$80,001 - $120,000
Unspecified
Colorado Springs, CO (On-Site/Office)
Description
SAIC is seeking qualified applicants for the role of Risk Management Framework (RMF) Analyst. This position provides information assurance and cybersecurity support for the North American Aerospace Defense Command (NORAD) and United States Northern Command (USNORTHCOM) (N&NC) Information Technology (IT) Enterprise Services (NITES) contract. The primary work location for this role is onsite in Colorado Springs.
The candidate selected for this position will:
Qualifications
Qualifications:
Required:
Desired:
Target salary range: $80,001 - $120,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
SAIC is seeking qualified applicants for the role of Risk Management Framework (RMF) Analyst. This position provides information assurance and cybersecurity support for the North American Aerospace Defense Command (NORAD) and United States Northern Command (USNORTHCOM) (N&NC) Information Technology (IT) Enterprise Services (NITES) contract. The primary work location for this role is onsite in Colorado Springs.
The candidate selected for this position will:
- Oversee system registration and record-keeping within eMASS to support the RMF process and authorization for the N&NC Enterprise, ensuring compliance and risk mitigation.
- Ensure standards are met and exceeded to minimize risks and maintain Cyber Operational Readiness Assessment (CORA) status.
- Manage the continuous cybersecurity posture of enterprise systems and identify mitigations to comply with DoDD 8500.01, DoDI 8510.01, DoDD 8140.01, and NIST SP800-53.
- Analyze scans from ACAS, SCAP, and other approved tools to determine the security posture of systems and develop/maintain Authority to Operate (ATO) for systems and enclaves.
- Refine system categorization determinations according to CNSSI 1253, considering Confidentiality, Integrity, and Availability as information types and system interconnections evolve.
- Oversee the development and maintenance of System Security Plans (SSPs), ensuring the appropriate Security Technical Implementation Guides (STIGs) are applied to each system and enclave.
- Ensure that all findings are properly documented in the Plan of Action and Milestones (POA&M) on an on-going basis
- Create and refine correct policies, procedures, and artifacts necessary to ensure security controls are being met.
Qualifications
Qualifications:
Required:
- Certification required per DoDD 8570, Security+
- Preferred certification is SecurityX
- Bachelor's degree plus 5 years of experience, or equivalent work experience in the Information Assurance / Cybersecurity field
- 2+ years of experience preferred as a primary ISSO or security compliance lead for an IT system
- Direct experience in RMF artifacts and eMASS tracking of records
- Experience creating, tracking, and completion of POA&Ms for resolving security control deficiencies
- TS/SCI security clearance
- Ability to guide working groups and teams for milestone reviews, configuration management changes, etc.
- Prepare and conduct cybersecurity presentations, making cybersecurity risk recommendations
- Provide status updates to System Owners and leadership
- Provide monthly status report to reflect the activities accomplished, issues, and pathway forward
Desired:
- Experience with Security Information and Event Management (SIEM) solutions
- Ability to work in a team-focused, dynamic environment
- Experience certifying Cross Domain Solutions
- Must be flexible, independent, and self-motivated
- Must be punctual with regular and consistent attendance
Target salary range: $80,001 - $120,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
group id: 10111346
