JOB DESCRIPTION: SAIC is currently seeking a Cyber Security Analyst in Huntsville, AL with knowledge of DoD Risk Management Framework (RMF) and vulnerability monitoring tools in support of compliance and configuration management activities for Combat Capabilities Development Command (CCDC) Aviation & Missile Center, System, Simulation, Software & Integration Directorate (S3I)
Duties & Responsibilities:
Provides support for the independent assessment and compliance of information systems against DoD RMF standards
Participates in the creation and enforcement of enterprise security documents (policies, standards, baselines, guidelines and procedures)
Responsible for the monitoring, tracking and reporting of POAMs Develops and reports on cyber security metrics
Conducts software assessments against new software prior to deployment in production environments
Reviews requests for changes to system configuration items
Uses vulnerability monitoring or scanning tools such as ACAS or SCAP to scan, identify and remediate vulnerabilities across systems
Perform vulnerability/risk assessment analysis to support accreditation and other program protection activities
Utilize various information system inspection tools to audit systems, analyze potential vulnerabilities and identify mitigation approaches
Conduct technical evaluation of information system designs, focusing on information security aspects and accreditation
Review completion and implementation of system additions and enhancements, and makes recommendations to management
Determine system specifications, input/output processes, and working parameters for hardware and software compatibility
Assist and review program documentation to include RMF reports, accreditation packages, and security policy guides using NIST 800-53A guidance
Maintain current knowledge of relevant technology and security threats as assigned
Other duties as assigned
Qualifications REQUIRED EDUCATION & EXPERIENCE:
Bachelor's degree in computer science, engineering or a related technical discipline and 2 years of experience.
Active DoD Secret security clearance required
2 years of experience in performing Information Assurance within the RMF
Direct eMASS experience
Security+ CE or higher DoD 8570 Certification
Good written and verbal communication skills
Ability to adapt to a dynamic customer-oriented environment
Working knowledge of DISA STIGs and STIG tools/ Must be able to interpret DoD STiGs and other security standards and provide technical guidance for their implementation into software and system requirements.
