Description

SAIC has an opportunity for an ATO ISSO in Pearl City, Hawaii OR Huntsville, AL to support the US INDOPACOM J73 documenting security controls and creating Authority to Operate (ATO) packages.

NOTE: This position can be located in Pearl Harbor, Hawaii or Huntsville, Alabama. If located in Huntsville, travel is required to Hawaii 4-6 weeks a year.

JOB DESCRIPTION:

• Documenting security controls in SSP per NIST SP 800-53A rev4

• Create Authority to Operate (ATO) packages

• Validate vulnerability/risk assessment analysis to support accreditation

• Utilize various information system inspection tools to audit systems, analyze potential vulnerabilities and identify mitigation approaches

• Conduct technical evaluation of information system designs, focusing on information security aspects and accreditation

• Review completion and implementation of system additions and enhancements, and makes recommendations to management

• Determine system specifications, input/output processes, and working parameters for hardware and software compatibility

• Assist and review program documentation to include RMF reports, accreditation packages, and security policy guides using NIST 800-53A guidance

Qualifications

REQUIRED EDUCATION AND EXPERIENCE:

• Bachelors and five (5)+ years of related experience; additional four (4) years of experience accepted in lieu of degree

• Experience working with Authority to Operate (ATO) packages for both on-premises, and Cloud environments

• Experience using Government, Risk Compliance (GRC) tools (i.e. Cyber Security Assessment and Management (CSAM), eMASS, XACTA, etc.)

• Experience developing Standard Operating Procedures (SOP), After-Action Reports, and Policy and Procedure documents

• Experience documenting security controls in a System Security Plan (SSP) and how the controls are being implemented

• Familiar with Risk Management Framework (RMF), Cloud Security Requirements Guide (SRG), National Institute of Standards and Technology (NIST) guides, and Security Technical Implementation Guide (STIG)

• Understanding of the DOD requirements for the Network Topology, System Security Boundary, and Data Flow Diagrams

REQUIRED CERTIFICATION:

• Must have a current DoD IAM Level I or higher certification (i.e. Security+ CE, Cloud+, CASP+, OR CISSP etc.)

REQUIRED CLEARANCE:

• Must have a current Active Secret Clearance with the ability to obtain a Top Secret Clearance

• Must be a current US Citizen

Target salary range: $125,001 - $150,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.

SAIC accepts applications on an ongoing basis and there is no deadline.

Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site. REQNUMBER: 2407002

SAIC is a premier technology integrator, solving our nation's most complex modernization and systems engineering challenges across the defense, space, federal civilian, and intelligence markets. Our robust portfolio of offerings includes high-end solutions in systems engineering and integration; enterprise IT, including cloud services; cyber; software; advanced analytics and simulation; and training. We are a team of 23,000 strong driven by mission, united purpose, and inspired by opportunity. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $6.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see Working at SAIC. EOE AA M/F/Vet/Disability