Engility is looking for a Information Security Analyst in Herndon – Apply Here!
SAIC, a leading provider of systems development and deployment, targeting and intelligence analysis, systems engineering and integration, and training capabilities and solutions for the Intelligence Community (IC), is seeking creative and dedicated professionals to fulfill their career goals and objectives, while delivering mission excellence on programs of national importance.
SAIC’s National Intelligence Community (NIC) Business Unit, USG Mission and Information Technology Division, is seeking a Assessment and Authorization Specialist to provide Certification and Accreditation (C&A) support, advise the lifecycle of the Assessment and Authorization (A&A) process, and develop System Security Plans (SSPs). The specialist will assist and maintain a formal Information Security Program that includes recommendations on continuous improvement of the processes an architectures supporting the overall operational activities.
• Maintain and analyze documentation of all operational and business process activities in the form of Standard Operating Procedures (SOP)
• Coordinate A&A actions and system testing with appropriate security personnel
• Develop risk assessment, recommend mitigation countermeasures, and write short, succinct risk assessment and certification reports for submission
• Produce and assist with production of technical artifacts required for A&A packages such as System Security Plans, Audit Strategy, Configuration Management Plan, Security Controls Traceability Matrix, and Project Plan of Action and Milestone
• Active TS/SCI with polygraph
• Bachelor’s Degree (B.S.) in Management Information systems, Information Assurance, Computer Engineering, or a related IT and Cyber Security discipline. Note that years of experience can be substituted in lieu of degree.
• Three (3) or more years of demonstrated experience in the following:
• Employing Risk Management Framework (RMF) methodology
• Managing document repositories and databases
• Utilizing process tracking document control software
• Implementing INFOSEC policies, regulations, and guidance
• Navigating cyber risks such as malware, zero-day attacks, denial of service attacks, as well as associated mitigations regarding computer and network devices
• One or more of the following certifications:
• Certified Information Systems Security Professional (CISSP)