Principal Security Control Assessor

Full Time


    • Security
    • Analyst
    • Microsoft Excel

    Job Description

    Job ID: 2304380

    Location: OFFUTT AFB, NE, US

    Date Posted: 2023-03-29

    Category: Cyber

    Subcategory: Cybersecurity Spec

    Schedule: Full-time

    Shift: Day Job

    Travel: Yes, 10 % of the Time

    Minimum Clearance Required: TS/SCI

    Clearance Level Must Be Able to Obtain: None

    Potential for Remote Work: No


    SAIC is seeking a Principal Security Control Assessor that will possess a thorough understanding in a wide range of security tools, techniques and procedures, including the following efforts:
    • Identifies cybersecurity vulnerabilities in DOD's NC3 systems and networking assets; determines mission risk and consults with and develops technical recommendations for CC/S/A owners on measures for mitigating cybersecurity risks ensuring delivery of a viable and robust NC3 cybersecurity posture.
    • Reviews and evaluates NC3 security reports for cybersecurity issues; develops new methods and techniques to ensure actions are taken to correct and/or mitigate issues on DoD NC3 systems.
    • Provides NC3 systems cybersecurity briefings, analysis, and recommendations for implementation to senior leaders as required.
    • Analyze NC3 system cybersecurity assessments and findings, de-conflict, and normalize recommendations to senior leaders based upon assessment activities and results sought from varied venues. Provide summary of assessments within 2 days, highlighting newly identified vulnerabilities.
    • Drafts, coordinates, and presents mission risk to NC3 missions IAW DoDI 8510.01. Assessments and products will be completed IAW SI 311-02 and will normally be technically accurate and include the most current information available .
    • Researches, interprets, and analyzes broad guidance from Chairman Joint Chiefs of Staff (CJCS), Department of Defense (DOD), and other national regulations, policies, and guidelines
    • Integrate changing DOD cybersecurity policies and USSTRATCOM NC3 initiatives through updates to Strategic Instructions, input on routine document reviews, and maintaining published guidance to the NC3 community.
    • Conduct formal coordination via JSAP (and other methods) for event driven NC3 cybersecurity community tasking's and follow SI 901-02 for coordination and memorandums requiring flag-level signature.
    • Maintain USSTRATCOM policies, procedures, methodologies, and the analytical framework to support accomplishment of cybersecurity information system and mission risk assessments for NC3 systems/missions.
    • Researches, analyzes and understands the interrelationships between systems within a functional mission area.
    • Develops/updates/maintains the analytical framework and methodologies based on higher level guidance to assess mission risk within a functional mission area based on system level impacts.
    • Establishes, develops, and maintains effective working relationships and partnerships with Combatant Commands, Services, and Agencies to promote NC3 cybersecurity efforts and USSTRATCOM's NC3 cybersecurity vision.
    • Participates in special projects and initiatives and performs special assignments. Identifies the need for special projects and identifies milestones and goals.
    • Develops agendas, decision topics, obtains briefings and information papers for meetings.
    • Ensures accurate documentation of meeting action items and minutes for Senior Staff review.


    TYPICAL EDUCATION AND EXPERIENCE: Bachelors and nine (9) years or more experience; Masters and seven (7) years or more experience ; PhD or JD and four (4) years or more experience or 13 years of experience in lieu of degree

    Three-year' experience working with the DOD cybersecurity major driving policies- DoD 8510.01 (RMF), DoDI 8500 series (Cybersecurity), and CNSSI 1253

    Experience in RMF process across the Navy, Air Force, Space Force, and Intelligence cybersecurity communities

    Experience creating Plan of Action & Milestones to meet RMF controls, familiarity with eMASS tool, reviewing security artifacts, etc. ,

    Three-year' experience as Cybersecurity Analyst on DOD projects and/or systems of similar scope.

    DoD-M 8570.1-M certified at all times, with new hires taking no more than 6 months to obtain the relevant certification

    Desired Qualifications

    One year of experience working with SharePoint and website management, Microsoft Excel experience

    Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.