Description
SAIC is seeking a Senior Information Systems Security Analyst to support a critical U.S. government agency in the National Capital Region. This senior-level role is focused on the development and maintenance of tailored NIST SP 800-53 Rev. 5 control implementation statements to support system authorizations (ATO), continuous monitoring, and broader compliance initiatives. The analyst will work closely with system owners, engineers, and cybersecurity stakeholders to ensure accurate documentation of technical and operational security practices across complex hybrid environments.
This is an excellent opportunity for a seasoned cybersecurity professional with hands-on experience in federal ATO processes, technical writing, and security architecture who is eager to contribute to the maturity of system security documentation and governance activities.
Responsibilities:
• Develop and maintain detailed, system-specific NIST SP 800-53 Rev. 5 control implementation statements for hybrid and cloud-based environments.
• Collaborate with SMEs, system owners, engineers, and ISSOs to validate technical control implementations.
• Translate technical configurations and operational practices into clear, compliant documentation aligned with RMF and assessment procedures.
• Identify and document control inheritance opportunities and shared responsibilities across systems and environments.
• Review and edit control narratives for accuracy, completeness, and consistency with assessment objectives.
• Support ATO-related efforts, including system authorizations, re-authorizations, and continuous monitoring documentation.
• Conduct gap analyses and readiness reviews to assess the completeness of control implementations.
• Support audits, security assessments, and reviews by producing high-quality, well-documented control statements and evidence.
• Document control deficiencies and support creation of POA&Ms for remediation planning.
• Stay current with updates to federal guidance, including NIST 800-53, NIST 800-37, FedRAMP, RMF, and CMMC.
• Assist in the development and revision of system security plans (SSPs), POA&Ms, and related documentation.
• Support continuous security monitoring for control compliance and documentation accuracy.
• Assist in the creation and update of security policies, procedures, and technical guidance.
• Contribute to reports, briefings, schedules, and project plans in both written and oral formats.
Qualifications
Requirements:
• Bachelor’s degree and 9+ years of IT security or IT controls experience in technical environments, or a Master’s degree and 7+ years of experience.
• Hands-on experience implementing and documenting security controls in system engineering, administration, or related technical roles.
• Strong working knowledge of NIST SP 800-53, RMF, CSF, and federal ATO processes (FISMA, FedRAMP, CMMC).
• Experience supporting the development of SSPs, POA&Ms, SARs, and other RMF documentation.
• Familiarity with hybrid IT environments and platforms such as Microsoft Office 365, Azure, Cisco, and Oracle.
• Excellent technical writing skills with the ability to produce deliverables requiring minimal revisions.
• Strong collaboration and communication skills, including the ability to convey complex technical content to diverse stakeholders.
• Proficiency in Microsoft Office applications, including Word, Excel, PowerPoint, and SharePoint.
Preferred Qualifications:
• One or more current certifications such as CISSP, CISM, CAP, CISA, or Security+.
• Experience with cloud security principles and tools (AWS, Azure, GCP).
• Familiarity with GRC platforms such as Archer, eMASS, CSAM, or Xacta.
• Understanding of OMB M-22-09, Executive Order 14028, and the current federal cybersecurity policy landscape.
• Working knowledge of network security principles (e.g., firewalls, IDS/IPS, VPNs, segmentation).
• Awareness of evolving threats and emerging IT security standards.
Clearance Requirement:
All candidates must be eligible to obtain and maintain a U.S. Public Trust clearance.
**This hybrid role requires a minimum of three on-site days per week in Washington, DC.**