Overview
On Site
Full Time
Skills
Risk management framework
NIST 800-53
Information system security
Information systems
Control system
Continuous monitoring
Security controls
System security
Test plans
Security analysis
Risk assessment
Security clearance
Endpoint protection
Technical writing
Information Technology
Systems engineering
Federal government
SAP GRC
EDIS
ISSE
Cyber security
Network
DoD
Satellite
Migration
Cloud computing
Hosting
Computer hardware
STIG
Regulatory Compliance
SSP
Authorization
Management
Design
Reporting
SAR
PO
ISSM
Leadership
IC
SCA
Customer engagement
CISM
CISSP
GSLC
XACTA
eMASS
Articulate
Nessus
SolarWinds
SCAP
IMPACT
Communication
SAP
SAP BASIS
Policies
FOCUS
Job Details
Job ID: 2404907
Location: KIRTLAND AFB, NM, US
Date Posted: 2024-04-03
Category: Cyber
Subcategory: Cyber GRC
Schedule: Full-time
Shift: Day Job
Travel: No
Minimum Clearance Required: Top Secret
Clearance Level Must Be Able to Obtain: TS/SCI
Potential for Remote Work: No
Description
SAIC and the Engineering, Development, Integration and Sustainment (EDIS) team are looking for an Information Systems Security Engineer (ISSE) to work with our Space Systems Command (SSC) customer at Kirtland AFB in Albuquerque, New Mexico. We want you to join our qualified and diverse team of professional Cybersecurity SMEs, where you can apply your talents to take our team to new levels of performance. You will leverage your subject matter expertise in applications, systems, network cybersecurity, and DoD Risk Management Framework (RMF) requirements to provide expert ISSE support to various satellite ground command and control systems at multiple classification levels, undergoing system modernization - to include migration to the cloud and co-hosting multiple mission partners.
Steps to success:
Review all software, hardware, and infrastructure changes on the systems, following the RMF process to support system accreditation.
Support continuous monitoring and security mitigation.
Assess NIST 800-53 security controls, DISA Security Technical Implementation Guides (STIGs), and Assured Compliance Assessment Solution (ACAS) scans.
Author System Security Plans (SSP), NIST 800-53 control implementation plans, and Systems Security Test Plans.
Create system authorization boundary diagrams encompassing traceability back to Hardware, Software, and Ports Protocols and Services Management (PPSM) lists.
Participate in the design, development, and implementation of information systems to ensure these systems comply with regulatory security features and safeguards.
Manage Security Assessment Report (SAR) and its Plan of Actions and Milestones (PO&AM).
Interact frequently with the appointed Information System Security Officer, Information System Security Manager (ISSM), and/or senior govt leadership.
Provide clear justification describing the satisfaction all applicable security control implementation as specified by the IC, AO, or NIST-800-53, rev 5.
Prepare for and assist with formal risk assessments conducted by the AOs designated Security Control Assessors (SCA) while acting as a member of the security assessment team.
Qualifications
Expertise Essentials:
Have a active Top Secret security clearance with SCI eligibility. Must be able to obtain and maintain a TS/SCI indoctrination and subsequent special access program level read in.
Bachelor's degree in cybersecurity or related field and 9 years of relevant experience. Can substitute 4 additional years of experience in lieu of degree.
DoD 8570.1 IAM Level II certifications, e.g., CASP+ CE, CISM, CISSP (or Associate), GSLC.
Minimum of 5 years RMF Assessment and Authorization (A&A) experience - resume must capture supporting evidence.
Hands on experience with ACAS, Xacta, and eMASS - identify date of last active account for each.
Ability to verbally articulate the intent of all NIST 800-53 security controls as it applies to each program under review.
Experience analyzing and interpreting outputs of various endpoint security, vulnerability, and enumeration tools (e.g., Tenable Nessus, Security Center, SolarWinds, EndPoint Security Solutions, Vulnerator, SCAP Compliance Checker, etc.).
Experience developing Security Impact Assessments (SIA) and/or ISSE assessments - must be able to complete all assessment parameters for government review.
Experience working with systems administrators, network engineers, and systems engineers to continually monitor and ensure system compliance.
Self-motivated and capable of performing tasks with minimal oversight.
Enthusiastic and energetic performer. Able to work in dynamic, fast-pace, and high visibility environment.
Strong communication and technical writing skills.
Sought-after skill set:
Active TS/SCI clearance within the past 24 months.
Experience working at the SCI and SAP level relating to space command and control.
Able to describe the differences between collateral and SCI system authorization requirements as they apply to DoD and IC instructions and guidelines.
Understanding of cloud-based technologies and development environments along with security control implementations in those environments.
SAIC accepts applications on an ongoing basis and there is no deadline.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.
Location: KIRTLAND AFB, NM, US
Date Posted: 2024-04-03
Category: Cyber
Subcategory: Cyber GRC
Schedule: Full-time
Shift: Day Job
Travel: No
Minimum Clearance Required: Top Secret
Clearance Level Must Be Able to Obtain: TS/SCI
Potential for Remote Work: No
Description
SAIC and the Engineering, Development, Integration and Sustainment (EDIS) team are looking for an Information Systems Security Engineer (ISSE) to work with our Space Systems Command (SSC) customer at Kirtland AFB in Albuquerque, New Mexico. We want you to join our qualified and diverse team of professional Cybersecurity SMEs, where you can apply your talents to take our team to new levels of performance. You will leverage your subject matter expertise in applications, systems, network cybersecurity, and DoD Risk Management Framework (RMF) requirements to provide expert ISSE support to various satellite ground command and control systems at multiple classification levels, undergoing system modernization - to include migration to the cloud and co-hosting multiple mission partners.
Steps to success:
Review all software, hardware, and infrastructure changes on the systems, following the RMF process to support system accreditation.
Support continuous monitoring and security mitigation.
Assess NIST 800-53 security controls, DISA Security Technical Implementation Guides (STIGs), and Assured Compliance Assessment Solution (ACAS) scans.
Author System Security Plans (SSP), NIST 800-53 control implementation plans, and Systems Security Test Plans.
Create system authorization boundary diagrams encompassing traceability back to Hardware, Software, and Ports Protocols and Services Management (PPSM) lists.
Participate in the design, development, and implementation of information systems to ensure these systems comply with regulatory security features and safeguards.
Manage Security Assessment Report (SAR) and its Plan of Actions and Milestones (PO&AM).
Interact frequently with the appointed Information System Security Officer, Information System Security Manager (ISSM), and/or senior govt leadership.
Provide clear justification describing the satisfaction all applicable security control implementation as specified by the IC, AO, or NIST-800-53, rev 5.
Prepare for and assist with formal risk assessments conducted by the AOs designated Security Control Assessors (SCA) while acting as a member of the security assessment team.
Qualifications
Expertise Essentials:
Have a active Top Secret security clearance with SCI eligibility. Must be able to obtain and maintain a TS/SCI indoctrination and subsequent special access program level read in.
Bachelor's degree in cybersecurity or related field and 9 years of relevant experience. Can substitute 4 additional years of experience in lieu of degree.
DoD 8570.1 IAM Level II certifications, e.g., CASP+ CE, CISM, CISSP (or Associate), GSLC.
Minimum of 5 years RMF Assessment and Authorization (A&A) experience - resume must capture supporting evidence.
Hands on experience with ACAS, Xacta, and eMASS - identify date of last active account for each.
Ability to verbally articulate the intent of all NIST 800-53 security controls as it applies to each program under review.
Experience analyzing and interpreting outputs of various endpoint security, vulnerability, and enumeration tools (e.g., Tenable Nessus, Security Center, SolarWinds, EndPoint Security Solutions, Vulnerator, SCAP Compliance Checker, etc.).
Experience developing Security Impact Assessments (SIA) and/or ISSE assessments - must be able to complete all assessment parameters for government review.
Experience working with systems administrators, network engineers, and systems engineers to continually monitor and ensure system compliance.
Self-motivated and capable of performing tasks with minimal oversight.
Enthusiastic and energetic performer. Able to work in dynamic, fast-pace, and high visibility environment.
Strong communication and technical writing skills.
Sought-after skill set:
Active TS/SCI clearance within the past 24 months.
Experience working at the SCI and SAP level relating to space command and control.
Able to describe the differences between collateral and SCI system authorization requirements as they apply to DoD and IC instructions and guidelines.
Understanding of cloud-based technologies and development environments along with security control implementations in those environments.
SAIC accepts applications on an ongoing basis and there is no deadline.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.