RMF Cyber Security Analyst Senior

Job ID: 2510967

Location: QUANTICO, VA, US

Date Posted: 2025-10-22

Category: Cyber

Subcategory: Cybersecurity Spec

Schedule: Full-time

Shift: Day Job

Travel: Yes, 10 % of the Time

Minimum Clearance Required: Secret

Clearance Level Must Be Able to Obtain: None

Potential for Remote Work: No

Description

Introduction

Make a difference for national security by joining a team of dedicated IT professionals who will sustain, modernize and transform the enterprise IT capabilities for the Defense Counterintelligence and Security Agency (DCSA). The Air Force and Combatant Commands Business Group of SAIC is seeking a RMF Cyber Security Analyst Senior to support a transformational infrastructure program for DCSA.

SAIC is proud to be supporting DCSA in safeguarding our nation's information. DCSA is the designated oversight authority on the accreditation of classified facilities, information systems, and the insider threat program. This involves security oversight of more than 10,000 companies and approximately 13,000 facilities involved in classified work throughout the DoD and 31 Federal agencies.

Specifically, on the DCSA One IT program, SAIC will provide an enterprise IT solution that delivers highly secured and adaptable IT infrastructure, provides customer support, and cutting-edge technologies that support operations and advance the DCSA mission under a single IT environment (i.e., One IT).

Job Description

The RMF Cybersecurity Analyst Senior will provide support for a program, an organization, system, or an enclave; provides support for proposing, coordinating, implementing, and enforcing information systems or enclave cybersecurity policies, standards, and methodologies; maintains operational security posture for an information system, program, or enclave to ensure cybersecurity standards, and procedures are established and followed; performs day-to-day security operations of the system or enclave; perform IT security control validations; provide configuration management (CM) for information system security software, hardware, and firmware; manage changes to system and assess the security impact of those changes; prepare and review documentation to include Systems Security Plans (SSPs) and Security Assessment & Authorization (SA&A) packages in accordance with DoD Risk Management Framework (RMF) procedures.

Duties

• Interface with Project/Program Managers, Subject Matter Experts (SME) and Information System Security Managers (ISSM) on Major Application / General Enclave issues and updates.
• Track and report on Plan of Action and Milestone (POA&M) items; RMF Status, Annual Assessment, Authority to Operate (ATO) and Continuous Monitoring actions.
• Responsible for documentation compliance and review to ensure programs receive ATOs for multiple systems.
• Prepare briefs and A&A documents for approval in support of RMF reporting and policy development.
• Perform ISSO Type duties as defined in DoD 8510 & 8500.
• Provide risk mitigation strategies.
• Perform Quality checks on POA&Ms, assessments, and documentation.
• Conduct security control and risk assessments to support Authorizations.
• Review existing documentation bi-annually for accuracy and relevance to current DoD and DSS mandates.
• Assist with Mission Assurance tasks and information to include policy and plan development related to IT.
• Assist with research on cybersecurity items of interest.
• Perform other duties as related to risk management, communication and assessments.
  
  

The Cybersecurity Analyst will provide support for a program, an organization, system, or an enclave; provides support for proposing, coordinating, implementing, and enforcing information systems or enclave cybersecurity policies, standards, and methodologies; maintains operational security posture for an information system, program, or enclave to ensure cybersecurity standards, and procedures are established and followed; performs day-to-day security operations of the system or enclave; perform IT security control validations; provide configuration management (CM) for information system security software, hardware, and firmware; manage changes to system and assess the security impact of those changes; prepare and review documentation to include Systems Security Plans (SSPs) and Security Assessment & Authorization (SA&A) packages in accordance with DoD Risk Management Framework (RMF) procedures. The Cybersecurity Analyst will provide support for a program, an organization, system, or an enclave; provides support for proposing, coordinating, implementing, and enforcing information systems or enclave cybersecurity policies, standards, and methodologies; maintains operational security posture for an information system, program, or enclave to ensure cybersecurity standards, and procedures are established and followed; performs day-to-day security operations of the system or enclave; perform IT security control validations; provide configuration management (CM) for information system security software, hardware, and firmware; manage changes to system and assess the security impact of those changes; prepare and review documentation to include Systems Security Plans (SSPs) and Security Assessment & Authorization (SA&A) packages in accordance with DoD Risk Management Framework (RMF) procedures. The Cybersecurity Analyst will provide support for a program, an organization, system, or an enclave; provides support for proposing, coordinating, implementing, and enforcing information systems or enclave cybersecurity policies, standards, and methodologies; maintains operational security posture for an information system, program, or enclave to ensure cybersecurity standards, and procedures are established and followed; performs day-to-day security operations of the system or enclave; perform IT security control validations; provide configuration management (CM) for information system security software, hardware, and firmware; manage changes to system and assess the security impact of those changes; prepare and review documentation to include Systems Security Plans (SSPs) and Security Assessment & Authorization (SA&A) packages in accordance with DoD Risk Management Framework (RMF) procedures.

Qualifications

Required Qualifications

It is required that the RMF Cyber Security Analyst Senior have the following qualifications:

• Bachelor's degree in Information Technology, Information Systems Management, Cyber Security, or another related field, or additional years of experience in lieu of a degree.
• Five (5) or more years of hands-on technical Cyber Security experience and knowledge with DISA Security Technical Information Guides, DoD A&A Process, NIST SP 800-53, IA Technical Framework and applicable DoD Cyber Security/Risk Management policies (must have DoD or eMASS experience).
• At least one (1) year of the knowledge of current security tools, hardware/software security implementation, communication protocols and Microsoft Office suite.
• U.S. Citizenship with an active Secret clearance.
• Must meet DoD 8570-M/8140-M IAT Level II.
  
  

SAIC is a premier technology integrator providing full life cycle services and solutions in the technical, engineering, intelligence, and enterprise information technology markets. SAIC is Redefining Ingenuity through its deep customer and domain knowledge to enable the delivery of systems engineering and integration offerings for large, complex projects. SAIC's approximately 15,000 employees are driven by integrity and mission focus to serve customers in the U.S. federal government. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $4.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see .