SAIC

Information Systems Security Manager

SAIC$100K — $130K *
Information Technology
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Information Security or related field
  • 9+ years of experience in cybersecurity, information assurance, or equivalent
  • Familiarity with the Risk Management Framework and associated cybersecurity policies
  • Proven experience in classified environments (SAP and/or SCI)
  • Strong understanding of multi-level data control including virus scanning and data transfer
  • Certification(s) meeting DoD 8140 IAT Level II requirements (e.g., CompTIA Security+, CISSP)

Responsibilities

  • Lead efforts to obtain and maintain Authority to Operate (ATO) approvals
  • Ensure compliance with DoD and Risk Management Framework requirements
  • Perform vulnerability and risk assessments for classified systems
  • Develop and maintain RMF documentation including System Security Plans
  • Coordinate with security officials regarding External Information Systems
  • Conduct periodic reviews of IS policies and procedures
  • Manage Incident Response activities and security event reporting

Benefits

  • Mentorship opportunities for professional growth
  • Dynamic, customer-centric work environment
  • Engagement in safeguarding national security
  • Use of technical skills in a high-stakes setting
  • Potential for involvement in off-hours support for urgent cybersecurity issues
Full Job Description
Job Description

SAIC's Horizon 2 contract is seeking an energized and professional Cyber GRC Analyst Principal / Information Systems Security Manager (ISSM) to support the contract's secure operating facilities in Colorado Springs, CO. The Horizon 2 contract supports the US Space Force Space Systems Command's Program Executive Offices overseeing the Space Domain Awareness and Combat Power, and Battle Management Command, Control and Communications portfolios.

You will manage all facets of SAIC's Information Protection Program at our Colorado Springs location, and are responsible for accreditation, compliance, continuous monitoring, and operational security of classified information systems across applicable classification levels. You will provide oversight, guidance, and technical support on IT and information system security issues affecting the mission of the customer, by implementing common information system security practices, policies, and standards. Your background in applying sound and effective Information Assurance security practices, in both Windows and Linux environments, will be the driving force behind the success of our customers' missions.

Join us in safeguarding the nation's space assets and exploring the limitless opportunities that await in this dynamic role. You'll have the invaluable opportunity to be mentored in this role, ensuring not only your professional growth, but also the continued excellence of our operations. You will get to use your strong communication (verbal and written) skills and interpersonal skills in a dynamic customer centric environment, which may require sporadic off-hours support. If this is what you are looking for, keep reading.

Fun stuff you will do on the job:
  • Lead activities required to obtain and maintain Authority to Operate (ATO) approvals for classified information systems
  • Ensures compliance with applicable Department of Defense (DoD) and Risk Management Framework (RMF) requirements including CNSSI guidance, NIST security controls directives, and other applicable cybersecurity policies
  • Perform vulnerability/risk assessments to support authorization and accreditation of classified systems
  • Develop, maintain, and update RMF documentation to include System Security Plans (SSP), System Assessment Plans (SAP), Risk Assessment Reports (RAR), Security Control Traceability Matrices (SCTM), Plans of Action and Milestones (POA&M), and Continuous Monitoring Plans (ConMon)
  • Coordinate with program security officers and/or cognizant security officials on approval of External Information Systems (e.g., guest systems, interconnected systems)
  • Conduct periodic reviews and evaluations of required IS policies, standards, and procedures
  • Coordinate Information System Security Assessments, tests, and reviews
  • Conduct due diligence and process hardware and software requests
  • Provide configuration management for information system security software, hardware, and firmware
  • Coordinate Incident Response (IR) activities, security event reporting, and corrective actions associated with cybersecurity incidents affecting authorized systems


Qualifications

This is You:
  • Bachelor's degree (preferable BS; Information Security related), 9+ years experience (7 years of experience may be used with a Master's degree) with:
    • Cybersecurity, information assurance, system administration, or equivalent combination to reflect knowledge and experience
    • The Risk Management Framework, National Institute of Standards and Technology, Committee on National Security Systems cyber security requirements and guidance, and cyber security related risk management methodologies
    • Program Security responsibilities to include, but not limited to: OPSEC, Program Protection, Personnel Security clearances, Security Training and Education, and Classification management
    • Working in a SAP and/or SCI environment
    • Controlling, labeling, virus scanning, and appropriately transferring data (upload/download) between information systems at varying classification levels
  • Must have an in-scope security background investigation (T5 or SSBI), adjudicated for SCI eligibility and enrolled in the Continuous Evaluation program (if applicable)
  • Must be willing to be nominated for access to Sensitive Compartment Information and Special Access Programs and willing to consent to a Polygraph examination
  • Possess certification(s) that meet or exceed DoD 8140 IAT Level II requirements (ex. CompTIA Security+, CISSP).


You will wow us even more if you have these skills:
  • A Master's degree (preferably in cyber security, Information Security or related security studies)
  • Knowledge and experience using DoD tools and capabilities for vulnerability assessments and compliance reporting (eMASS, XACTA, ACAS, STIGs, Nessus, SCAP, Splunk, etc.)
  • Knowledge of the JSIG, ICD 503, NIST Risk Management Framework (RMF), NIST SP 800-53/53A, and CNSSI 1253, and the Assessment & Authorization (A&A) process
  • Experience with Incident Response and Disaster Recovery Procedures
  • Experience creating/updating plans, processes, and procedures, in support of system and data security requirements, as well as establishing artifacts required for system certification
  • Familiarity with virtualized hosting, such as VMware
  • Experience conducting security audits/system assessments of information systems
  • Extensive training or experience with Windows-based Information Systems with a working knowledge of LINUX operating systems
  • Understanding of Contractor Program Security Officer (CPSO) functions, responsibilities, and disciplines (i.e., PERSEC, PHYSEC, facility alarm operations, Security Training and Education, visitor access requests)
  • Have an understanding of DD254s to support government contracts


About SAIC

Science Applications International Corporation (SAIC) is a technology integrator in the technical, engineering, intelligence, and enterprise information technology markets. SAIC has approximately 26,000 employees and operates in more than 70 countries. The company was founded in 1969 and is headquartered in Reston, Virginia. SAIC provides services to the U.S. government, including the Department of Defense, the intelligence community, and civilian agencies. The company also serves commercial customers in the healthcare, energy, and financial services sectors.
Learn more about SAIC
Size
26,000 employees
Market Cap
$6 billion
Industry
Net Income
$206 million
Founded
1969
5 Year Trend
+10.7%
Revenue
$6.8 billion
NASDAQ

Similar Jobs

More Jobs at SAIC

More Information Technology Jobs

Find similar Information Systems Security Manager jobs: