Description

SAIC is seeking a Cyber Security Analyst in Washington DC.  SAIC will support the Department of Health and Human Services (HHS) cybersecurity mission to ensure HHS can actively protect the vital health information with which it is entrusted, respond to existing and emerging cybersecurity threats, and continue to enhance the program to ensure HHS has the capability and capacity to respond to new and emerging requirements, technologies and threats.

The Cybersecurity Analyst ensures information and information technology (IT) assets are appropriately secure and compliant with federal regulations and industry-best security practices.  The Analyst shall deliver services and support to the client delivery of Cybersecurity, Operations, Governance, Risk Management, and Compliance (GRC) services to support the client’s Cybersecurity mission. The Information Assurance Analyst will plan and implement policies, procedures, standards, and controls to govern enterprise level protection of corporate information systems, networks, and data. The Information Assurance Analyst will stay up-to-date on the latest cyber-security intelligence, including hackers' methodologies, in order to modify frameworks, standards, policies, and security controls that govern cyber-security across the client’s information resources.

The Cyber Security Analysts responsibilities will be:

• Perform control assessments against corporate cyber-security framework
• Perform review of policies and supporting procedures/processes to identify gaps
• Learn and master how to perform 3rd Party Vendor assessments using industry standards and best practices
• Other security-related projects that may be assigned according to skills such as assist in maintaining the Information Security Risk Registry
• Perform management, monitoring, and tracking of audit engagements to include coordinating with necessary stakeholders, crafting responses for government review and approval
• Ability to work with and collaborate with regional team members and provide guidance to subordinate divisions.
• Review, analyze, and provide guidance for Information Assurance Vulnerability Management compliance scans on networks & computing devices.
• Contribute to research and analysis and translate security policy and requirements to define best methods and practices.
• Work closely with project managers and senior technical leads to ensure work meets client objectives.
• Participate in the preparation of project briefings and reports.
• Create and maintain centralized tracking mechanism and repository for audit responses and artifacts to
• Create and maintain a centralized audit process and repository for the collection, aggregation and storage of audit responses.
• Develop System Security documentation, including FIPS-199 determination, e-Authentication, privacy threshold analysis, privacy impact assessment, system security plans (SSP), IA policies, Rules of Behavior, security test and evaluation (ST&E) plans, risk assessment plans and reports, business continuity plans, disaster recovery plans, incident response plans, contingency plan, contingency plan test report, plans of action and milestones (POA&M) development, exception and waiver letters development, annual security control self-assessment, and continuous monitoring activities.

Qualifications

Education

• Bachelor’s Degree in Computer Engineering, Computer Science, or Information Systems Management or equivalent work experience in the field of Cybersecurity
• Possess 1 current security certifications (e. g., Security+, CCNA, CCNP, Network+, CEH, SANS, AWS) or be willing to obtain within 6 months of assignment

Skills/Knowledge

• Entry-1 years’ experience working in an Information Security Risk Management role - Entry
• 1-3 years’ experience working in an Information Security Risk Management role - Junior 

Desired Skills

• Bachelor’s Degree in Computer Engineering, Computer Science, or Information Systems Management or equivalent work experience in the field of Cybersecurity (+2 years)
• Working knowledge of information system standards such as (ISO, NIST, HIPAA, NIST, HiTrust, PCI, CIS, COBIT, etc.) 

Overview

SAIC is a premier technology integrator solving our nation's modernization and readiness challenges. Our offerings across defense, space, civilian, and intelligence markets include high-end solutions in engineering, IT, and mission outcomes. We integrate the best components from our portfolio with our partner's ecosystem to deliver innovative and effective solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, VA, SAIC has annual revenues of nearly $7.1 billion. For information, visit saic.com or Working at SAIC for benefits details. SAIC is an Equal Opportunity Employer empowering people no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status. We strive to create a diverse, inclusive and respectful work culture that values all.