
Description
SAIC is seeking a Senior Information Systems Security Analyst to support a critical U.S. government agency in the National Capital Region. This senior-level role is focused on the development and maintenance of tailored NIST SP 800-53 Rev. 5 control implementation statements to support system authorizations (ATO), continuous monitoring, and broader compliance initiatives. The analyst will work closely with system owners, engineers, and cybersecurity stakeholders to ensure accurate documentation of technical and operational security practices across complex hybrid environments.
This is an excellent opportunity for a seasoned cybersecurity professional with hands-on experience in federal ATO processes, technical writing, and security architecture who is eager to contribute to the maturity of system security documentation and governance activities.
Responsibilities:
• Develop and maintain detailed, system-specific NIST SP 800-53 Rev. 5 control implementation statements for hybrid and cloud-based environments.
• Collaborate with SMEs, system owners, engineers, and ISSOs to validate technical control implementations.
• Translate technical configurations and operational practices into clear, compliant documentation aligned with RMF and assessment procedures.
• Identify and document control inheritance opportunities and shared responsibilities across systems and environments.
• Review and edit control narratives for accuracy, completeness, and consistency with assessment objectives.
• Support ATO-related efforts, including system authorizations, re-authorizations, and continuous monitoring documentation.
• Conduct gap analyses and readiness reviews to assess the completeness of control implementations.
• Support audits, security assessments, and reviews by producing high-quality, well-documented control statements and evidence.
• Document control deficiencies and support creation of POA&Ms for remediation planning.
• Stay current with updates to federal guidance, including NIST 800-53, NIST 800-37, FedRAMP, RMF, and CMMC.
• Assist in the development and revision of system security plans (SSPs), POA&Ms, and related documentation.
• Support continuous security monitoring for control compliance and documentation accuracy.
• Assist in the creation and update of security policies, procedures, and technical guidance.
• Contribute to reports, briefings, schedules, and project plans in both written and oral formats.
Qualifications
Requirements:
• Bachelor's degree and 9+ years of IT security or IT controls experience in technical environments, or a Master's degree and 7+ years of experience.
• Hands-on experience implementing and documenting security controls in system engineering, administration, or related technical roles.
• Strong working knowledge of NIST SP 800-53, RMF, CSF, and federal ATO processes (FISMA, FedRAMP, CMMC).
• Experience supporting the development of SSPs, POA&Ms, SARs, and other RMF documentation.
• Familiarity with hybrid IT environments and platforms such as Microsoft Office 365, Azure, Cisco, and Oracle.
• Excellent technical writing skills with the ability to produce deliverables requiring minimal revisions.
• Strong collaboration and communication skills, including the ability to convey complex technical content to diverse stakeholders.
• Proficiency in Microsoft Office applications, including Word, Excel, PowerPoint, and SharePoint.
Preferred Qualifications:
• One or more current certifications such as CISSP, CISM, CAP, CISA, or Security+.
• Experience with cloud security principles and tools (AWS, Azure, GCP).
• Familiarity with GRC platforms such as Archer, eMASS, CSAM, or Xacta.
• Understanding of OMB M-22-09, Executive Order 14028, and the current federal cybersecurity policy landscape.
• Working knowledge of network security principles (e.g., firewalls, IDS/IPS, VPNs, segmentation).
• Awareness of evolving threats and emerging IT security standards.
Clearance Requirement:
All candidates must be eligible to obtain and maintain a U.S. Public Trust clearance.
**This hybrid role requires a minimum of three on-site days per week in Washington, DC.**
Target salary range: $80,001 - $120,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.