Principal Cyber Security Analyst

Description

SAIC is seeking a Principal Cyber Security Analyst to serve as NC3 Cybersecurity Analysts providing subject matter expertise as the focal point for all cybersecurity and Assessment and Authorization (A&A) activities supporting the Nuclear Command, Control, and Communication (NC3) Authorizing Official (AO).

This position is responsible for

• Risk Management Framework (RMF) Assessment and Authorization (A&A) activities for NC3 systems and networks

• Providing cybersecurity advice, guidance, and assistance to the Authorizing Officials (AO) and staff, assigned Program Managers, Systems Managers, Security Control Assessors (SCAs) and Information System Security Managers (ISSMs)

• Packaging and review of A&A products created by the Program Management Offices (PMO) to comply with National, DoD, and USSTRATCOM NC3 cybersecurity policies

• Providing cybersecurity analysis supporting authorization decisions, risk analyses, mitigation strategies, and Federal and DoD cybersecurity compliance to ensure the confidentiality, integrity, and availability of NC3 Systems

• Work within the AO staff to provide solutions to cybersecurity process and technical challenges within the program in order to efficiently lead the A&A approvals process, oversee cybersecurity compliance efforts, analyze and minimize operational risk to the systems

The Principal Cyber Security Analyst/leader will possess a thorough understanding in a wide range of security tools, techniques and procedures, including the following efforts:

• Identifies cybersecurity vulnerabilities in DOD's NC3 systems and networking assets; determines mission risk and consults with and develops technical recommendations for CC/S/A owners on measures for mitigating cybersecurity risks ensuring delivery of a viable and robust NC3 cybersecurity posture.

• Reviews and evaluates NC3 security reports for cybersecurity issues; develops new methods and techniques to ensure actions are taken to correct and/or mitigate issues on DoD NC3 systems.

• Provides NC3 systems cybersecurity briefings, analysis, and recommendations for implementation to senior leaders as required.

• Analyze NC3 system cybersecurity assessments and findings, de-conflict, and normalize recommendations to senior leaders based upon assessment activities and results sought from varied venues. Provide summary of assessments within 2 days, highlighting newly identified vulnerabilities.

• Drafts, coordinates, and presents mission risk to NC3 missions IAW DoDI 8510.01. Assessments and products will be completed IAW SI 311-02 and will normally be technically accurate and include the most current information available.

• Researches, interprets, and analyzes broad guidance from Chairman Joint Chiefs of Staff (CJCS), Department of Defense (DOD), and other national regulations, policies, and guidelines

• Integrate changing DOD cybersecurity policies and USSTRATCOM NC3 initiatives through updates to Strategic Instructions, input on routine document reviews, and maintaining published guidance to the NC3 community.

• Conduct formal coordination via JSAP (and other methods) for event driven NC3 cybersecurity community tasking's and follow SI 901-02 for coordination and memorandums requiring flag-level signature.

• Maintain USSTRATCOM policies, procedures, methodologies, and the analytical framework to support accomplishment of cybersecurity information system and mission risk assessments for NC3 systems/missions.

• Researches, analyzes and understands the interrelationships between systems within a functional mission area.

• Develops/updates/maintains the analytical framework and methodologies based on higher level guidance to assess mission risk within a functional mission area based on system level impacts.

• Establishes, develops, and maintains effective working relationships and partnerships with Combatant Commands, Services, and Agencies to promote NC3 cybersecurity efforts and USSTRATCOM's NC3 cybersecurity vision.

• Participates in special projects and initiatives and performs special assignments. Identifies the need for special projects and identifies milestones and goals.

• Develops agendas, decision topics, obtains briefings and information papers for meetings.

• Ensures accurate documentation of meeting action items and minutes for Senior Staff review

Qualifications

TYPICAL EDUCATION AND EXPERIENCE: Bachelors and nine (9) years or more experience; Masters and seven (7) years or more experience ; PhD or JD and four (4) years or more experience.

• Three-year' experience working with the DOD cybersecurity major driving policies- DoD 8510.01 (RMF), DoDI 8500 series (Cybersecurity), and CNSSI 1253

• Experience in RMF process across the Navy, Air Force, Space Force, and Intelligence cybersecurity communities

• Three-year' experience as Cybersecurity Analyst on DOD projects and/or systems of similar scope

• DoD-M 8570.1-M certified at all times, with new hires taking no more than 6 months to obtain the relevant certification

Must have active TS/SCI Clearance

SAIC accepts applications on an ongoing basis and there is no deadline.

Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site. REQNUMBER: 2405345

SAIC is a premier technology integrator, solving our nation's most complex modernization and systems engineering challenges across the defense, space, federal civilian, and intelligence markets. Our robust portfolio of offerings includes high-end solutions in systems engineering and integration; enterprise IT, including cloud services; cyber; software; advanced analytics and simulation; and training. We are a team of 23,000 strong driven by mission, united purpose, and inspired by opportunity. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $6.5 billion. For more information, visit ~~~. For information on the benefits SAIC offers, see Working at SAIC. EOE AA M/F/Vet/Disability