Description
SAIC is seeking a Senior Information Systems Security Analyst to support a critical U.S. government agency in the National Capital Region. This senior-level role is focused on the development and maintenance of tailored NIST SP 800-53 Rev. 5 control implementation statements to support system authorizations (ATO), continuous monitoring, and broader compliance initiatives. The analyst will work closely with system owners, engineers, and cybersecurity stakeholders to ensure accurate documentation of technical and operational security practices across complex hybrid environments.
This is an excellent opportunity for a seasoned cybersecurity professional with hands-on experience in federal ATO processes, technical writing, and security architecture who is eager to contribute to the maturity of system security documentation and governance activities.
Responsibilities:
Develop and maintain detailed, system-specific NIST SP 800-53 Rev. 5 control implementation statements for hybrid and cloud-based environments
Collaborate with SMEs, system owners, engineers, and ISSOs to validate technical control implementations
Translate technical configurations and operational practices into clear, compliant documentation aligned with RMF and assessment procedures
Identify and document control inheritance opportunities and shared responsibilities across systems and environments
Review and edit control narratives for accuracy, completeness, and consistency with assessment objectives
Support ATO-related efforts, including system authorizations, re-authorizations, and continuous monitoring documentation
Conduct gap analyses and readiness reviews to assess the completeness of control implementations
Support audits, security assessments, and reviews by producing high-quality, well-documented control statements and evidence
Document control deficiencies and support creation of POA&Ms for remediation planning
Stay current with updates to federal guidance, including NIST 800-53, NIST 800-37, FedRAMP, RMF, and CMMC
Assist in the development and revision of system security plans (SSPs), POA&Ms, and related documentation
Support continuous security monitoring for control compliance and documentation accuracy
Assist in the creation and update of security policies, procedures, and technical guidance
Contribute to reports, briefings, schedules, and project plans in both written and oral formats
Qualifications
Requirements:
Bachelor’s degree and 9+ years of IT security or IT controls experience in technical environments, or a Master’s degree and 7+ years of experience
Hands-on experience implementing and documenting security controls in system engineering, administration, or related technical roles
Strong working knowledge of NIST SP 800-53, RMF, CSF, and federal ATO processes (FISMA, FedRAMP, CMMC)
Experience supporting the development of SSPs, POA&Ms, SARs, and other RMF documentation
Familiarity with hybrid IT environments and platforms such as Microsoft Office 365, Azure, Cisco, and Oracle
Excellent technical writing skills with the ability to produce deliverables requiring minimal revisions
Strong collaboration and communication skills, including the ability to convey complex technical content to diverse stakeholders
Proficiency in Microsoft Office applications, including Word, Excel, PowerPoint, and SharePoint
Preferred Qualifications:
One or more current certifications such as CISSP, CISM, CAP, CISA, or Security+
Experience with cloud security principles and tools (AWS, Azure, GCP)
Familiarity with GRC platforms such as Archer, eMASS, CSAM, or Xacta
Understanding of OMB M-22-09, Executive Order 14028, and current federal cybersecurity policy landscape
Working knowledge of network security principles (e.g., firewalls, IDS/IPS, VPNs, segmentation)
Awareness of evolving threats and emerging IT security standards
Clearance Requirement:
- All candidates must be eligible to obtain and maintain a U.S. Public Trust clearance
This hybrid role requires a minimum of three on-site days per week in Washington, DC.
Target salary range: $80,001 - $120,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
REQNUMBER: 2507817
SAIC is a premier technology integrator, solving our nation's most complex modernization and systems engineering challenges across the defense, space, federal civilian, and intelligence markets. Our robust portfolio of offerings includes high-end solutions in systems engineering and integration; enterprise IT, including cloud services; cyber; software; advanced analytics and simulation; and training. We are a team of 23,000 strong driven by mission, united by purpose, and inspired by opportunity. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $6.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see Working at SAIC. EOE AA M/F/Vet/Disability