Description

SAIC currently has a career opportunity for an Information System Security Manager (ISSM) for our Reston, VA office. This position includes the ability to work a flexible 9/80 or 4/10 schedule and one day a week from home.

The Information Systems Security Manager (ISSM) will support information system life cycle activities from scoping systems for new programs and preparing Risk Management Framework packages, to reviewing regular maintenance, support and upgrades of systems during program execution, to program close-out and de-certification activities. Maintain day-to-day security posture and continuous monitoring of Information Systems (IS) including security event log review and analysis, end user account audits, etc.

• Ensure system security measures comply with applicable government policies. Provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system.
• Conduct internal vulnerability assessments of the IS to identify and mitigate potential security weaknesses and ensure that all security features applied to a system are implemented and functional.
• Draft and/or prepare and maintain security Assessment and Authorization documentation (e.g., IA SOP, SSP, RAR, SCTM).
• Maintain thorough understanding of NIST 800-53 controls and determine which controls are applicable to the application, as well as document implementation in Security Controls Tractability Matrix (SCTM).
• Maintains awareness of upcoming customer / government driven changes and challenges and suggests approaches to meet those challenges.
• Responsibilities also include those listed in DAAPM 2.2 Section 3.6 Information System Security Manager (ISSM)
• Monitor system administration activities

Qualifications

Required Education and Experience:

• Active DoD Secret clearance.
• Working knowledge of Risk Management Framework (RMF) and creating a RMF System Security Plan in the enterprise Mission Assurance Support Service (eMASS).
• Experience with various information system security assessment/hardening tools - SCAP Compliance Checker, STIG Viewer, ACAS/Nessus, etc.
• Able to initiate communication with SAIC management and Government agencies for support and/or compliance requirements.
• Self-starter with the ability to operate independently without supervision.
• Professional and effective interpersonal skills and attire along with the ability to provide face-to-face customer support are required.
• More than 5 years of related information systems security experience in a security environment with demonstrated knowledge of classified IS operation.
• Current/active DoD 8570.1M Professional Certification is required. Security+ certification is a minimum with the ability to obtain an IAM level II.
• Bachelors and nine(9) years or more experience; Masters and seven (7) years or more experience; PhD or JD and four (4) years or more experience.

Desired Education and Experience:

• CompTIA Advanced Security Practitioner (CASP), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP)
• Advanced experience in Windows 10 and Windows Server operating systems, specifically, as it relates to implementing security controls of the Operating System.
• Experience with the operation and maintenance of a government SIPRNet system.
• Experience with Linux and VMware

Target salary range: $145,001 - $155,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.

Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.