Full-time
Risk Management Framework SME - SAIC - San Antonio, TX

Description RMF Analyst   This individual will be responsible for supporting vendor and assigned ISSM efforts to develop RMF packages and providing relevant cybersecurity expertise. They will help take a Defense Health Agency (DHA) Program of Record (POR) through a full accreditation assessment and achieve an ATO.Â

Responsibilities include: Support and coordinate workflow, activity, and documentation necessary to achieve successful DIACAP C&A (and/or RMF A&A efforts) for various DoD environments. This includes: Coordination among myriad stakeholders, e.g., Security Engineers, Network Administrators, System Administrators, Information Assurance Managers (IAMs) / Information Systems Security Managers (ISSMs), certification authorities (and representatives), accreditation authorities (and representatives), program managers, vendors, etc., necessary to properly identify, document, mitigate, and manage risk attributed to the target system, network, and/or application; Identify, develop (either directly, or in coordination with applicable experts), and incorporate common artifacts found in a DIACAP (or RMF) accreditation package, e.g., system architecture and boundaries, hardware and software inventories, risk assessment reports, POA&Ms, data flows, PPSM accounting, and other necessary system, network, and application documentation; Knowledge and experience identifying, assessing, and documenting compliance against applicable DoD IA security controls (technical, management, operational), Service (e.g., Army) regulations, etc., within the DIACAP (and/or RMF) package; Familiarity with the use of vulnerability scanning and assessment tools (e.g., ACAS/Nessus) necessary to identify and document compliance; Knowledge of and ability to use applicable compliance and accreditation reporting environments (e.g., eMASS, CMRS) to document the progress of C&A (A&A);Â
 Qualifications Qualifications: Bachelors Degree or 4 years additional years experience in lieu of degree 2 years of related experience Capable of providing thought leadership to the ISSM in his/her efforts to maintain an organizational or system-level cybersecurity program, consistent with DoD appointment memorandum focal points (e.g., cybersecurity architecture, compliance requirements, objectives and policies, personnel, and processes and procedures). Ability to identify, interpret and evaluate major applications, infrastructure, enclaves, and Enterprise system environments based on proposed accreditation boundaries. Ability to manage multiple projects simultaneously Strong verbal and written communications and interpersonal skills Desired: Minimum of an IAT level II certification. IAT/IAM level III certification is preferred. Experience with Amazon Web Services is desired. Clearance Requirement: Must currently possess Secret clearance.


Overview SAIC is a premier technology integrator providing full life cycle services and solutions in the technical, engineering, intelligence, and enterprise information technology markets. SAIC is Redefining Ingenuity through its deep customer and domain knowledge to enable the delivery of systems engineering and integration offerings for large, complex projects. SAIC's approximately 15,000 employees are driven by integrity and mission focus to serve customers in the U.S. federal government. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $4.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see My SAIC Benefits. EOE AA M/F/Vet/Disability Share: mail Apply Now >

Apply for this job  or Save to My Jobs

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.asia, you agree to our use of cookies.