Join SAIC's Cyber Security team as a Senior Cybersecurity Analyst / NQV (Navy Qualified Validator)
in San Diego, CA. Job Summary:
As a Senior Cybersecurity Analyst (NQV), you will validate the Risk Management Framework (RMF) network security architectures, designs, implementations, and operations within 3 NIWC Pacific RDT&E systems, networks, and applications. Additionally, you will also conduct independent assessments on SCAP Scans, Vulnerability Scans, Control validation and STIG/SRG (manual) validations.
Location: This role offers limited, temporary work from home / remote / virtual work at home due to COVID-19. However, you will be required to work on-site 1-2 days a week.
This position supports the Assessment and Authorization (A&A) cybersecurity efforts for NIWC PAC code 82000 to support the Research, Development, Test & Evaluation (RDT&E) network. The RDT&E environment allows customers to utilize Navy computers and network infrastructure to develop, test, and certify new systems that are either directly in support of Navy initiatives or support internal or external customer requirements.Roles and associated responsibilities:
Qualifications Required Education and Experience:
- Validate and achieve Authority to Operate (ATO's) for the required systems.
- Provide experience of NIST SP 800-53, RMF implementation and provide recommendations in accordance with NIST FIPS 199.
- Utilize eMASS for validating all system packages, artifacts, and supporting documentation.
- Asses system configurations per DISA STIG using STIGviewer, SCC, and OpenSCAP.
- Verify accreditation boundary information for POR and the networked systems including accreditation boundary, hardware and software lists, and other Authority to Connect (ATC)-related information.
- Bachelor's Degree in (STEM), or an Information Technology (IT) related field AND five (5) years of relevant work experience, OR Associate's Degree in an Information Technology (IT) related field AND eight (8) years of relevant work experience, OR High School Diploma or equivalent AND ten (10) years of relevant work experience.
- Commercial certification meeting or exceeding DoD 8570.01M IAM-3 (CISSP, CISM, GSLC, CCISO)
- Navy Qualified Validator (NQV) or equivalent is preferred
Active Secret clearance Additional Experience Required:
Four (4) Years of demonstrated experience in Risk Management Framework (RMF) to include performing ALL of the following:
- Policy development and enforcement
- MASS package development
- Assessment and Authorization (A&A) processes
- Information Assurance Vulnerability Management (IAVM) and Computer Task Order (CTO) process and reporting
- Testing and analysis of IA controls and secure configuration using the Assured Compliance Assessment Solution (ACAS)
- Analyzing system configuration per DISA STIG using STIGviewer, SCC, and OpenSCAP
- Demonstrated knowledge of RMF National Institute of Standards & Technology (NIST)
My SAIC Benefits.