Cyber Risk Management Analysts - Richmond, VA - VITA Job

Cyber Risk Management Analysts - Richmond, VA - VITA (Job Number:435382)

Description:



Job Description
- SAIC is seeking 7 Cyber Risk Management Analysts to join our MSI team supporting the Commonwealth of Virginia (COV).
- The Risk Analyst team will be interacting with COV technology suppliers about their compliance with COV cybersecurity policies and practices, and providing a wide range of Risk management services to them and the Commonwealth.

This will require a combination of the following Knowledge, Skills, and Abilities:
Knowledge

Strong understanding of applying Risk Management Frameworks (preferably NIST RMF and/or ISO 27000), including:
- Identification of business priorities
- Analysis of Risk to those priorities
- Planning of security controls to best protect those priorities while meeting requisite policies and procedures
- Assessment of compliance with controls and resulting impact on risk
- Creating plans to remediate weaknesses
- Quantifying and reporting on remediation progress
- Assessment of remediation effectiveness
- Analysis of threat landscapes
- Reprioritization of remediation activities as dictated by changing threat landscapes
- Automation of continuous monitoring solutions
- Incident response and incident Root Cause Analysis
- Maintenance of a consolidated Risk Register, with escalation of known issues that surpass the risk appetite of the organization.

Abilities

Strong verbal, analytical, and written communication abilities:
- Verbal abilities should be confident but non- confrontational, articulate but not wordy, equally comfortable leading and following, and as eager to listen as to contribute.
- Analytical abilities should avoid black-and-white thinking, and instead embrace diversities of opinions and viewpoints for their ability to inform complex solutions to complex real-world problems.
- Written abilities should produce grammatically correct, concise, informative, and visually appealing written products.
- Adaptability to both technical and non-technical audiences and a strong customer-service focus will be critical since this is a role that will have frequent contact with our COV customer.

Skills
- Entry-Level: If you would like to be considered for an entry-level position because you can demonstrate a strong foundation in the Knowledge and Abilities listed above, but lack hands-on experience with the kinds of capabilities listed in the dot-point below, then please submit a copy of your academic transcript with your resume. Entry-level staff are expected to gain exposure and experience with many of the tools listed below as they mature in their roles.
- Junior-level through more senior-level: candidates should describe their depth of hands-on experience with the following cybersecurity capabilities: RSA Archer, CyberArk, SailPoint, SQL Server, Nessus, VMware, Splunk, Active Directory, LDAP, PaloAlto, Encase, CMDB, cURL, PuTTY, Java, JavaScript, JBOSS, JDBC, ServiceNow, Okta, eGRC tools, PKI concepts and provisioning tools, static code analyzers, endpoint protection capabilities, VPN capabilities, System Admin tools, virtualization failover techniques, Cloud/FedRAMP security practices & service deployment models, SSAE16 audits, and other cybersecurity-related protection capabilities and tools.
- Team Lead: In addition to a strong foundation in the Knowledge, Skills, and Abilities listed above, the team lead will be expected to have demonstrated skills leading IT professionals.

Qualifications:
Qualifications

Education / Certifications / Other
- Candidates with a Bachelor’s degree should have at least eight (8) years of experience to be considered for a senior level position, and candidates with a Master’s degree should have at least four (4) years of experience to be considered for a senior level position. Degrees in engineering, science, and mathamatics are preferred.
- Continual Learning. Completion of advanced course work, or attainment and maintenance of cybersecurity- related credentials and certifications, is preferred.
- ITIL Certification. Candidates who have completed ITIL v3 2011 Foundation or above are preferred.
- Location: Work will be performed in Richmond, VA, with infrequent work-related travel.

Security Clearance Requirement
- US Citizen. Must be able to pass a Commonwealth of Virginia background check.

SAIC Overview:SAIC is a premier technology integrator providing full life cycle services and solutions in the technical, engineering, intelligence, and enterprise information technology markets. SAIC is Redefining Ingenuity through its deep customer and domain knowledge to enable the delivery of systems engineering and integration offerings for large, complex projects. SAIC¿s approximately 15,000 employees are driven by integrity and mission focus to serve customers in the U.S. federal government. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $4.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see ( My SAIC Benefits. EOE AA M/F/Vet/Disability

Job Posting: Mar 27, 2018, 4:27:01 PM
Primary Location: United States-VA-RICHMOND
Clearance Level Must Currently Possess: None
Clearance Level Must Be Able to Obtain: None
Potential for Teleworking: No
Travel: Yes, 10% of the time
Shift: Day Job
Schedule: Full-time
Company
SAIC
Posted
03/27/2018
Type
Full time
Location
Richmond, Virginia 23173, US