Description
Description
SAIC is looking for a person to create cyber policy in support of the mission to ensure the security of our Intel customer's enterprise. The person will be doing the process reengineering and policy creation for the establishment of the CISO's operating environment in a classified IT operational environment.
Seeking an individual with a strong policy writing skills, Risk Management Framework (RMF), Federal Information Security Modernization Act (FISMA), and Cyber Security experience. Must demonstrate education, training, certifications, and work experience demonstrating at least one area of cyber security e.g., SOC analyst, security policy, security controls assessor, ISSO, forensics, malware analysis, CS engineering, cryptography, Cloud security (AWS, Google, MS).
Motivated self-starter who follows direction, but does not require step-by-step instructions and then takes appropriate action
- Review current cyber policy and re-write them to take current considerations into account.
- Create new cyber policy based on NIST 800-53.
- Assist with the RMF processes as projects/systems that go through the Project Review Board for validation.
- Provide recommendation on continuous improvement of the processes, policies, and architecture supporting the overall Cyber operational activities.
- Identify and provide an agile approach to the automation of any manual or inefficient processes and or policies that exist across the cyber defense program.
- Ability to write concisely in a journalistic manner that quickly summarizes salient information.
- Ability to work and communicate effectively with senior leaders and managers and across divisions.
- Ability to look strategically for opportunities for growth and efficiency.
Qualifications
- Active TS/SCI with polygraph security clearance is required
- Bachelor degree
- Any cybersecurity certification such as Security+, CISSP, CISM, ISSMP, etc.
- 3+ years of cyber policy writing experience
- Experience with NIST 800-53 security controls policy writing
- 5+ years of Cyber/Risk Management type of experience
- 9+ years of overall professional experience
- Experience in Risk Management Framework and cyber security operations
- Experience in creating (from scratch) and managing Cyber policies and procedure for a Cyber office
- Experience creating and managing a (FISMA) formal incident response plan
- Experience responding to Zero-Day
- Experience coordinating with Continuous Monitoring teams
- Excellent problem solving skills a must
- Excellent verbal and written communication skills
Target salary range: $160,001 - $200,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
Apply on company website
Find Connections via Linkedin
