Job ID: 2403377
Location: REMOTE WORK, AL, US
Date Posted: 2024-03-04
Category: Cyber
Subcategory: Cyber GRC
Schedule: Full-time
Shift: Day Job
Travel: No
Minimum Clearance Required: None
Clearance Level Must Be Able to Obtain: Public Trust
Potential for Remote Work: No
Description
SAIC is seeking a remote OS Information and Privacy Analyst. This is in support of the Department of Health and Human Services (HHS) cybersecurity mission to ensure HHS can actively protect the vital health information with which it is entrusted, respond to existing and emerging cybersecurity threats, and continue to enhance the program to ensure HHS has the capability and capacity to respond to new and emerging requirements, technologies, and threats.
Job Duties:
- The Contractor shall provide support for OS including, but not limited to, OS Security Compliance and OS Staff Division (StaffDiv) collaboration, coalition building, and awareness programs supporting all OS Cybersecurity initiatives driving progress towards a strong security posture and overall compliance.
- Support includes assistance in the development, facilitation, and management of OS Cybersecurity programs protecting the confidentiality, integrity, availability, authenticity and non-repudiation of OS information and information systems, through the implementation of the risk management framework, including, but not limited to:
- Review document life cycle and ensure all System Security & Privacy Officers (SSPOs) and System Owners (SOs) are managing the documents the same way.
- Assist in the implementation of any ATO process changes or innovations.
- Proactively assist in the early engagement of stakeholders to initiate the ATO process and drive progress throughout the process to assist stakeholders in meeting their ATO deadlines.
- Assist in the comprehensive risk review/technical review of ATO package.
- Provide ongoing customer support and feedback throughout each stage of the OS ATO process.
- Assist SSPOs/SOs with documentation as needed.
- Prepare Authorizing Official (AO) memos.
- Process ATO and Interim Authorization to Test (IATT) packages.
- Review ATO packages and engage with relevant stakeholders and SSPOs/SOs as needed.
- Assist in updating tracking tools and managing “real time” updates to reflect current state of ATO status.
- Assist in the final preparation of packages for management review and approval.
- Assist OS Compliance Management in activities related to FISMA quarterly and annual reporting.
- Assist OS Compliance Management in any audit related activities, especially the annual OIG FISMA Audit.
- Review Plan of Action and Milestones submitted for closure and close as necessary or provide assistance with evidence required for closure.
- Provide subject matter expertise and review all deliverables for relevancy and accuracy.
- Develop and execute plans to identify and communicate risk factors and best practices as needed.
- At the direction of federal staff, perform ad hoc tasks, to include reviewing privacy related policies, guidance, training, and other deliverables; supporting events; and collaborating with OS, Departmental, OpDiv, and external parties on initiatives.
Qualifications
Required Experience:
- Excellent communication and writing skills.
- Experience with Federal Cybersecurity legislation, regulations, and Executive Orders, with an emphasis on cybersecurity requirements.
- Experience in assessment & authorization activities.
- Experience in FISMA activities.
- Experience with the annual OIG FISMA Audit.
Required Qualifications:
- Must have a Bachelor’s in Information Technology, Cybersecurity, or related field and 2 years of relevant experience. May accept an additional 4 years of experience in lieu of a degree.
- Must be a US citizen with the ability to obtain and maintain a Public Trust with HHS.
- Cybersecurity certification
- Must have excellent communication and writing skills.
Target salary range: $75,001 - $100,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
SAIC accepts applications on an ongoing basis and there is no deadline.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.