Principal Security Control Assessor

  • OFFUTT AFB, NE
  • Posted 60+ days ago | Updated 8 hours ago

Overview

On Site
Full Time

Skills

DoD
Security controls
Risk assessment
Website administration
Microsoft Excel
Information Technology
Systems engineering
Cyber security
Security clearance
Computer networking
Policies
Analytical skill
Partnership
Documentation
Risk management framework
Adobe AIR
eMASS
Microsoft SharePoint
SAP BASIS
FOCUS

Job Details

Job ID: 2401155

Location: OFFUTT AFB, NE, US

Date Posted: 2024-01-22

Category: Cyber

Subcategory: Cybersecurity Spec

Schedule: Full-time

Shift: Day Job

Travel: No

Minimum Clearance Required: TS/SCI

Clearance Level Must Be Able to Obtain: None

Potential for Remote Work: No

Description

SAIC is seeking a Principal Security Control Assessor that will possess a thorough understanding in a wide range of security tools, techniques and procedures, including the following efforts:
  • Identifies cybersecurity vulnerabilities in DOD's NC3 systems and networking assets; determines mission risk and consults with and develops technical recommendations for CC/S/A owners on measures for mitigating cybersecurity risks ensuring delivery of a viable and robust NC3 cybersecurity posture.
  • Reviews and evaluates NC3 security reports for cybersecurity issues; develops new methods and techniques to ensure actions are taken to correct and/or mitigate issues on DoD NC3 systems.
  • Provides NC3 systems cybersecurity briefings, analysis, and recommendations for implementation to senior leaders as required.
  • Analyze NC3 system cybersecurity assessments and findings, de-conflict, and normalize recommendations to senior leaders based upon assessment activities and results sought from varied venues. Provide summary of assessments within 2 days, highlighting newly identified vulnerabilities.
  • Drafts, coordinates, and presents mission risk to NC3 missions IAW DoDI 8510.01. Assessments and products will be completed IAW SI 311-02 and will normally be technically accurate and include the most current information available .
  • Researches, interprets, and analyzes broad guidance from Chairman Joint Chiefs of Staff (CJCS), Department of Defense (DOD), and other national regulations, policies, and guidelines
  • Integrate changing DOD cybersecurity policies and USSTRATCOM NC3 initiatives through updates to Strategic Instructions, input on routine document reviews, and maintaining published guidance to the NC3 community.
  • Conduct formal coordination via JSAP (and other methods) for event driven NC3 cybersecurity community tasking's and follow SI 901-02 for coordination and memorandums requiring flag-level signature.
  • Maintain USSTRATCOM policies, procedures, methodologies, and the analytical framework to support accomplishment of cybersecurity information system and mission risk assessments for NC3 systems/missions.
  • Researches, analyzes and understands the interrelationships between systems within a functional mission area.
  • Develops/updates/maintains the analytical framework and methodologies based on higher level guidance to assess mission risk within a functional mission area based on system level impacts.
  • Establishes, develops, and maintains effective working relationships and partnerships with Combatant Commands, Services, and Agencies to promote NC3 cybersecurity efforts and USSTRATCOM's NC3 cybersecurity vision.
  • Participates in special projects and initiatives and performs special assignments. Identifies the need for special projects and identifies milestones and goals.
  • Develops agendas, decision topics, obtains briefings and information papers for meetings.
  • Ensures accurate documentation of meeting action items and minutes for Senior Staff review.

Qualifications

Bachelors and 5 years of experience or 9 years of experience in lieu of degree


Three-year' experience working with the DOD cybersecurity major driving policies- DoD 8510.01 (RMF), DoDI 8500 series (Cybersecurity), and CNSSI 1253

Experience in RMF process across the Navy, Air Force, Space Force, and Intelligence cybersecurity communities

Experience creating Plan of Action & Milestones to meet RMF controls, familiarity with eMASS tool, reviewing security artifacts, etc. ,

Three-year' experience as Cybersecurity Analyst on DOD projects and/or systems of similar scope.

DoD-M 8570.1-M certified at all times, with new hires taking no more than 6 months to obtain the relevant certification

Desired Qualifications

One year of experience working with SharePoint and website management, Microsoft Excel experience

SAIC accepts applications on an ongoing basis and there is no deadline.

Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.


About SAIC