SAIC is seeking a Senior Cyberspace Operations Analyst to join our team! This individual should be a self-starter with one to three years of experience in Information Technology (IT) security compliance to join a Cybersecurity team for a Federal civilian contract.
- Update the following security documents: FIPS 199 System Security Categorization, System Security Plans, and Control Implementation Statements.
- Assist with updates to the following documents: Business Impact Analysis (BIA), Privacy Threshold Analysis (PTA), Privacy Impact Analysis (PIA), Contingency Plan (CP) and Incident Response Plan (IRP).
- Complete assigned work to predefined criteria and on-time.
- Assist with the execution of Contingency Plan testing and Incident Response testing and post-testing documentation.
- Run scheduled and on-demand web application scans using web application scanning tools.
- Manage the workflow needed to ensure requirements have been met for individuals requesting logical access to targeted IT systems.
- Record in the Plan of Action and Milestone (POA&M) document vulnerabilities as defined by Agency policies.
- Maintain working procedures for tasks and workflows for which you bear the primary responsibility to complete.
- Must be knowledgeable about and in compliance with SAIC and Agency policies and procedures related to the performance of assigned job responsibilities.
Required Skills and Knowledge:
- Ability to work independently to complete Assessment and Authorization (A&A) documents that are clearly and concisely written and in compliance with Agency and team requirements.
- Strong interpersonal communication skills with a particular emphasis on being able to interview Subject Matter Experts (SMEs) to obtain technical information needed in security documents.
- Knowledge of and experience applying the information in the following NIST documents: 800-60 volumes I and II, NIST 800-37 rev 2, NIST 800-53 rev 4, and NIST 800-53, rev 5.
- Understanding of the Plan of Action and Milestone (POA&M) process/lifecycle for IT systems.
- Computer Skills: Word, Excel, Google Apps for Business, Video Conferencing.
Desired Skills and Knowledge:
- Ability to run authenticated and unauthenticated vulnerability scans of web applications.
- Analysis of scan results to determine false/positives.
- Experience working with SMEs to develop the plans needed to close POA&Ms and documenting POA&Ms in POA&M documents.
- Experience writing procedures for the completion of daily/routine tasks and workflows.
Education and Experience Requirements:
- Bachelors and five (5) years or more experience; Masters and three (3) years or more experience; PhD and 0 years related experience.
- 5 years’ experience in information systems with one to three years' of experience working on an A&A team independently completing A&A documents for low and moderate FISMA IT systems.
- Proven track record of completing A&A documents on-time and to requirements.
- Experience working on A&A documents independently and working with SMEs to obtain required information for security documents.
Target salary range: $75,001 - $100,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.