Cyber Governance, Risk, and Compliance Analyst

Job ID: 2610478

Location: Offutt AFB, NE, US

Date Posted: 2026-03-20

Category: Cyber

Subcategory: Cyber GRC

Schedule: Full-Time

Shift: Day Job

Travel: Yes - 10% of the time

Minimum Clearance Required: TS.SCI

Clearance Level Must Be Able to Obtain: None

Potential for Remote Work: ORA_ON_SITE

Description

SAIC is seeking a highly skilled and motivated Cyber Governance, Risk, and Compliance (GRC) Analyst to join our team in support of the Nuclear Command, Control, and Communications (NC3) Enterprise Center (NEC) Enterprise Analytics and Integration Division. This analyst will play a critical role in the secure implementation and management of Amazon Web Services (AWS) and VMware-based environments. The role offers a chance to be part of a high-impact program that strengthens national defense while working on cutting-edge cybersecurity initiatives. This position is 100% onsite located in Offutt AFB, NE or Fort Meade, MD.

Job responsibilities:

• Apply the Department of War's (DoW) Cybersecurity Risk Management Construct (CSRMC) to the NC3 Digital Mission Engineering Environment (NDMEE), which spans four enclaves.
• Serve as an Information Systems Security Officer (ISSO) to ensure the security and compliance of NC3 digital environments.
• Maintain security artifacts and ensure ongoing compliance utilizing tools such as EMASS (Enterprise Mission Assurance Support Service) and Xacta.
• Collaborate with engineering, operations, and mission assurance teams to integrate cybersecurity best practices into operational workflows.
• Support system categorization, implementation of RMF controls, and managing Plans of Actions and Milestones (POA&Ms).
• Provide recommendations for the improvement of cybersecurity governance and risk posture across AWS and VMware platforms.
  
  

Qualifications

Required Education and Experience:

• Bachelor's Degree and nine (9) years of relevant experience.
• Five (5) years of directly related experience can be substituted for a Bachelor's degree.
  
  

Required Certification and Clearance:

• Certification (IAM Level III or equivalent)
• One or more of the following is required:
• CISM (Certified Information Security Manager)
• CISSP (or Associate) (Certified Information System Security Professional)
• GSLC (GIAC Security Leadership Certification)
• CCISO (Certified Chief Information Security Officer)
• TS/SCI clearance
  
  

Required Skills and Knowledge:

• Familiarity with the Department of Defense (DoD) Risk Management Framework (RMF) and processes related to cybersecurity governance.
• Hands-on experience using EMASS and Xacta for tracking compliance and maintaining security documentation.
• Strong understanding of cloud-based environments (AWS) and virtualized infrastructures (VMware).Excellent analytical skills with the ability to assess risk and recommend mitigation strategies.
  
  

SAIC is a premier technology integrator providing full life cycle services and solutions in the technical, engineering, intelligence, and enterprise information technology markets. SAIC is Redefining Ingenuity through its deep customer and domain knowledge to enable the delivery of systems engineering and integration offerings for large, complex projects. SAIC's approximately 15,000 employees are driven by integrity and mission focus to serve customers in the U.S. federal government. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $4.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see .