Cyber Governance, Risk, and Compliance Analyst

Description

SAIC is seeking a highly skilled and motivated Cyber Governance, Risk, and Compliance (GRC) Analyst to join our team in support of the Nuclear Command, Control, and Communications (NC3) Enterprise Center (NEC) Enterprise Analytics and Integration Division. This analyst will play a critical role in the secure implementation and management of Amazon Web Services (AWS) and VMware-based environments. The role offers a chance to be part of a high-impact program that strengthens national defense while working on cutting-edge cybersecurity initiatives. This position is 100% onsite located in Offutt AFB, NE or Fort Meade, MD.

Job responsibilities:

• Apply the Department of War’s (DoW) Cybersecurity Risk Management Construct (CSRMC) to the NC3 Digital Mission Engineering Environment (NDMEE), which spans four enclaves.
• Serve as an Information Systems Security Officer (ISSO) to ensure the security and compliance of NC3 digital environments.
• Maintain security artifacts and ensure ongoing compliance utilizing tools such as EMASS (Enterprise Mission Assurance Support Service) and Xacta.
• Collaborate with engineering, operations, and mission assurance teams to integrate cybersecurity best practices into operational workflows.
• Support system categorization, implementation of RMF controls, and managing Plans of Actions and Milestones (POA&Ms).
• Provide recommendations for the improvement of cybersecurity governance and risk posture across AWS and VMware platforms.

Qualifications

Required Education and Experience:

• Bachelor’s Degree and nine (9) years of relevant experience.
• Five (5) years of directly related experience can be substituted for a Bachelor’s degree.

Required Certification and Clearance:

• Certification (IAM Level III or equivalent)
• One or more of the following is required:
• CISM (Certified Information Security Manager)
• CISSP (or Associate) (Certified Information System Security Professional)
• GSLC (GIAC Security Leadership Certification)
• CCISO (Certified Chief Information Security Officer)
• TS/SCI clearance

Required Skills and Knowledge:

• Familiarity with the Department of Defense (DoD) Risk Management Framework (RMF) and processes related to cybersecurity governance.
• Hands-on experience using EMASS and Xacta for tracking compliance and maintaining security documentation.
• Strong understanding of cloud-based environments (AWS) and virtualized infrastructures (VMware).Excellent analytical skills with the ability to assess risk and recommend mitigation strategies.

Target salary range: $120,001 - $160,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.