Description
Description
SAIC is seeking a Principal Cyber Security Analyst to serve as NC3 Cybersecurity Analysts providing subject matter expertise as the focal point for all cybersecurity and Assessment and Authorization (A&A) activities supporting the Nuclear Command, Control, and Communication (NC3) Authorizing Official (AO).
This position is responsible for:
· Risk Management Framework (RMF) Assessment and Authorization (A&A) activities for NC3 systems and networks
· Providing cybersecurity advice, guidance, and assistance to the Authorizing Officials (AO) and staff, assigned Program Managers, Systems Managers, Security Control Assessors (SCAs) and Information System Security Managers (ISSMs)
· Packaging and review of A&A products created by the Program Management Offices (PMO) to comply with National, DoD, and USSTRATCOM NC3 cybersecurity policies
· Providing cybersecurity analysis supporting authorization decisions, risk analyses, mitigation strategies, and Federal and DoD cybersecurity compliance to ensure the confidentiality, integrity, and availability of NC3 Systems
· Work within the AO staff to provide solutions to cybersecurity process and technical challenges within the program in order to efficiently lead the A&A approvals process, oversee cybersecurity compliance efforts, analyze and minimize operational risk to the systems
The Principal Cyber Security Analyst/leader will possess a thorough understanding in a wide range of security tools, techniques and procedures, including the following efforts:
· Identifies cybersecurity vulnerabilities in DOD's NC3 systems and networking assets; determines mission risk and consults with and develops technical recommendations for CC/S/A owners on measures for mitigating cybersecurity risks ensuring delivery of a viable and robust NC3 cybersecurity posture.
· Reviews and evaluates NC3 security reports for cybersecurity issues; develops new methods and techniques to ensure actions are taken to correct and/or mitigate issues on DoD NC3 systems.
· Provides NC3 systems cybersecurity briefings, analysis, and recommendations for implementation to senior leaders as required.
· Analyze NC3 system cybersecurity assessments and findings, de-conflict, and normalize recommendations to senior leaders based upon assessment activities and results sought from varied venues. Provide summary of assessments within 2 days, highlighting newly identified vulnerabilities.
· Drafts, coordinates, and presents mission risk to NC3 missions IAW DoDI 8510.01. Assessments and products will be completed IAW SI 311-02 and will normally be technically accurate and include the most current information available.
· Researches, interprets, and analyzes broad guidance from Chairman Joint Chiefs of Staff (CJCS), Department of Defense (DOD), and other national regulations, policies, and guidelines
· Integrate changing DOD cybersecurity policies and USSTRATCOM NC3 initiatives through updates to Strategic Instructions, input on routine document reviews, and maintaining published guidance to the NC3 community.
· Conduct formal coordination via JSAP (and other methods) for event driven NC3 cybersecurity community tasking's and follow SI 901-02 for coordination and memorandums requiring flag-level signature.
· Maintain USSTRATCOM policies, procedures, methodologies, and the analytical framework to support accomplishment of cybersecurity information system and mission risk assessments for NC3 systems/missions.
· Researches, analyzes and understands the interrelationships between systems within a functional mission area.
· Develops/updates/maintains the analytical framework and methodologies based on higher level guidance to assess mission risk within a functional mission area based on system level impacts.
· Establishes, develops, and maintains effective working relationships and partnerships with Combatant Commands, Services, and Agencies to promote NC3 cybersecurity efforts and USSTRATCOM's NC3 cybersecurity vision.
· Participates in special projects and initiatives and performs special assignments. Identifies the need for special projects and identifies milestones and goals.
· Develops agendas, decision topics, obtains briefings and information papers for meetings.
· Ensures accurate documentation of meeting action items and minutes for Senior Staff review
Qualifications
TYPICAL EDUCATION AND EXPERIENCE: Bachelors and nine (9) years or more experience; Masters and seven (7) years or more experience ; PhD or JD and four (4) years or more experience.
· Three-year' experience working with the DOD cybersecurity major driving policies- DoD 8510.01 (RMF), DoDI 8500 series (Cybersecurity), and CNSSI 1253
· Experience in RMF process across the Navy, Air Force, Space Force, and Intelligence cybersecurity communities
· Three-year' experience as Cybersecurity Analyst on DOD projects and/or systems of similar scope
· DoD-M 8570.1-M certified at all times, with new hires taking no more than 6 months to obtain the relevant certification
Must have active TS/SCI Clearance
SAIC accepts applications on an ongoing basis and there is no deadline.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.
Apply on company website
Find Connections via Linkedin
