Principal Cyber Security Analyst/Validator
Washington, DC

Job Description

Job Description

Description

SAIC is hiring a Senior Cyber Security Analyst/Validator for Dept of Navy

Job description:

The security control validator is responsible for conducting a comprehensive assessment of the management, operational, and technical security controls employed within or inherited by an information system to determine the overall effectiveness of the controls. The validator leads a team of cybersecurity analysts who complete the cybersecurity tasks to be validated.

Duties:

* Reviews cybersecurity RMF packages for 21 systems
* Tracks 21 systems progress and coordinates with inside and outside groups to accomplish RMF Step 1-3 tasks
* Tracks vulnerability testing and scans, as well as configuration updates.
* Tracks all Category I and II vulnerabilities within the systems
* Works with the System Administrators to ensure STIGs are applied within the environment
* Operates software tools needed to effectively observe and analyze network vulnerabilities
* Configures and carries out necessary testing on dedicated application vulnerability.
* Plans scans to effectively detect malicious software and hardware that might be present on the network.
* Carries out audits of existing and newly acquired systems
* Making recommendations on particular improvements to internal controls and security
* Carrying out information security risk assessment annually in accordance with the RMF framework.
* Ensure anomalies are effectively handled by developing prompt response procedures.
* Completing statistical and status reports, as well as providing fast and timely responses.
* Identifying ways to improve security by suggesting configuration changes to server, network, client, and/or security devices.
* Coordinating with the Systems Administration team for network updates, patches and version changes.
* Preparing weekly reports
* Presenting results and progress to the team in Weekly Reviews
* Work with other cybersecurity team members to ensure Steps 1-3 of the RMF process are completed satisfactorily

Qualifications

Required experience:

* A&A Validator - Navy Qualified Validator
* Experience with A&A process
* Experience in all Steps of the RMF process and completing the tasks in Steps 4-5 of the RMF process
* Excellent communication skills, both verbal and written
* Ability to capture meeting minutes accurately and quickly

Education and Experience:

* Bachelor's Degree and 9+ years of IT experience or H.S. Degree and 13+ years of relevant experience in lieu of a Bachelor's Degree.
* Ideally with 5 years' experience in security programs and processes for the protection of sensitive or classified information

Certifications:

* DoD Directive 8570 IAT Level II Certification - required (CCNA Security, GICSP, GSEC, Security+ CE, or SSCP)
* CISSP credential (have the ability to obtain within 90 days of start date)

Security Clearance:

* SECRET Clearance required

Optional but preferred:

* Experience in leading and training a small team
* Track all systems utilizing MS Project
* Provide status utilizing