SAIC
Principal Cyber Engineer
SAIC, Colorado Springs, Colorado, United States, 80509
Description
SAIC is seeking qualified applicants for RMF Engineer/ISSM (Information Systems Security Manager) to provide Risk Management Framework (RMF) in support the North American Aerospace Defense Command/United States Northern Command (N&NC) Information Technology (IT) Enterprise Services (NITES) contract, with primary work onsite in Colorado Springs.
The candidate selected for this position:Oversees system registration and record within eMASS to support the Risk Management Framework (RMF) process and authorization for N&NC Enterprise to ensure compliance and mitigate riskAssure standards consistent to meet and exceed standards to minimize risks and remain Cyber Operational Readiness Assessment (CORA) ready statusManage continious Cyber Security posture of enterprise systems and identify mitigations to meet DoDD 85001, DoDI 85002, DoDI 851001, DoD 857001-M, and NIST SP800-53Understands scans from ACAS, SCAP, and/or other approved tools to determine security posture of systems to develop/maintain Authority to Operate (ATO) for systems and enclavesRefine the determination of the system categorization is accordance with CNSSI 1253 in areas of Confidentiality, Integrity, and Availability as information types and system interconnections changeManage development/maintenance of Security Plans, ensuring proper Security Technical Implementation Guides (STIGs) are applied for each system and enclaveEnsure that all findings are properly documented in the Plan of Action and Milestones (POA&M) on an on-going basisCreate and refine correct policies, procedures, and artifacts necessary to ensure controls are metQualifications
Qualifications
Required:IAM Level III certification required per DoD 8570, current CISSP, CISM, or GSLC certificationBS or equivalent work experience in the Information Assurance / Cybersecurity field8+ years of overall IT security experience2+ years of experience as a primary ISSO or security compliance lead for an IT systemDirect experience in RMF artifacts and eMass tracking of recordsExperience creating, tracking, and completion of Plans of Action and Milestones (POA&Ms) for resolving security control deficienciesTS/SCI security clearanceGuide working groups and teams for Milestone Reviews, Configuration Management, etcPrepare/conduct cybersecurity presentations and make cybersecurity risk recommendationsProvide status updates to System Owners and leadershipProvide monthly status report to reflect the activities accomplished, issues, and path forwardDesired:Security Information and Event Management (SIEM) ExperienceAbility to work in a team focused, dynamic environmentCross Domain Solutions Certification ExperienceMust be flexible, independent, and self-motivatedMust be punctual with regular and consistent attendanceTarget salary range: $120,001 - $160,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
SAIC accepts applications on an ongoing basis and there is no deadline.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.
SAIC is seeking qualified applicants for RMF Engineer/ISSM (Information Systems Security Manager) to provide Risk Management Framework (RMF) in support the North American Aerospace Defense Command/United States Northern Command (N&NC) Information Technology (IT) Enterprise Services (NITES) contract, with primary work onsite in Colorado Springs.
The candidate selected for this position:Oversees system registration and record within eMASS to support the Risk Management Framework (RMF) process and authorization for N&NC Enterprise to ensure compliance and mitigate riskAssure standards consistent to meet and exceed standards to minimize risks and remain Cyber Operational Readiness Assessment (CORA) ready statusManage continious Cyber Security posture of enterprise systems and identify mitigations to meet DoDD 85001, DoDI 85002, DoDI 851001, DoD 857001-M, and NIST SP800-53Understands scans from ACAS, SCAP, and/or other approved tools to determine security posture of systems to develop/maintain Authority to Operate (ATO) for systems and enclavesRefine the determination of the system categorization is accordance with CNSSI 1253 in areas of Confidentiality, Integrity, and Availability as information types and system interconnections changeManage development/maintenance of Security Plans, ensuring proper Security Technical Implementation Guides (STIGs) are applied for each system and enclaveEnsure that all findings are properly documented in the Plan of Action and Milestones (POA&M) on an on-going basisCreate and refine correct policies, procedures, and artifacts necessary to ensure controls are metQualifications
Qualifications
Required:IAM Level III certification required per DoD 8570, current CISSP, CISM, or GSLC certificationBS or equivalent work experience in the Information Assurance / Cybersecurity field8+ years of overall IT security experience2+ years of experience as a primary ISSO or security compliance lead for an IT systemDirect experience in RMF artifacts and eMass tracking of recordsExperience creating, tracking, and completion of Plans of Action and Milestones (POA&Ms) for resolving security control deficienciesTS/SCI security clearanceGuide working groups and teams for Milestone Reviews, Configuration Management, etcPrepare/conduct cybersecurity presentations and make cybersecurity risk recommendationsProvide status updates to System Owners and leadershipProvide monthly status report to reflect the activities accomplished, issues, and path forwardDesired:Security Information and Event Management (SIEM) ExperienceAbility to work in a team focused, dynamic environmentCross Domain Solutions Certification ExperienceMust be flexible, independent, and self-motivatedMust be punctual with regular and consistent attendanceTarget salary range: $120,001 - $160,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
SAIC accepts applications on an ongoing basis and there is no deadline.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.