Senior CyberSecurity Analyst

Description

SAIC is seeking a Senior Cybersecurity Analyst to support a critical U.S. government agency. This senior-level position emphasizes conducting risk assessments, analyzing security incidents, and maintaining compliance with federal cybersecurity standards. The ideal candidate brings deep technical expertise and the ability to collaborate across IT security, compliance, and infrastructure teams.

This opportunity is ideal for cybersecurity professionals with hands-on experience in NIST-based security control implementation, incident response, and continuous monitoring, especially those looking to provide strategic support to Information System Security & Privacy Officers (ISSPOs) in a high-impact environment.

Responsibilities:

· Conduct detailed Security Impact Analyses (SIAs) for hardware/software changes, security baseline updates, and external/public-facing systems.

· Perform in-depth risk assessments on general support systems and applications; recommend remediation strategies and track resolution.

· Support development and validation of security control implementation statements in alignment with NIST SP 800-53 and agency policies.

· Analyze and respond to security incidents, assess their impact, and provide recommendations to service owners and change coordinators.

· Identify and document control deficiencies, contributing to POA&M development and remediation tracking.

· Assist in the development and enforcement of security policies and technical procedures.

· Support Continuous Monitoring by verifying control effectiveness and ensuring changes align with system security plans (SSPs).

· Update key security documentation, including system boundaries, architecture diagrams, and technical narratives following system changes.

· Contribute to GRC activities, such as policy reviews, standards exceptions, and waiver processing.

· Participate in cross-functional collaboration with networking, infrastructure, and cloud teams to ensure secure system configurations.

· Support project management activities, including preparation of status reports, briefings, and planning deliverables.

Qualifications

Requirements:

· Bachelor's degree with 7+ years of cybersecurity experience, or Master's degree with 5+ years.

· At least 3 years of hands-on experience with IT security controls in diverse environments (e.g., Windows, Unix/Linux, Azure).

· Proven knowledge of the NIST Risk Management Framework (RMF), NIST SP 800-53, and FISMA compliance.

· Experience analyzing risks and implementing technical controls using NIST and agency-specific guidance.

· Strong understanding of IT infrastructure, including networking, cloud, and enterprise platforms.

· Excellent analytical, technical writing, and verbal communication skills.

· Ability to effectively review, refine, and present security documentation for stakeholder and client submission.

Preferred Qualifications:

· One or more current certifications: CISSP, CISM, or Security+.

· Experience with GRC tools such as CSAM or similar platforms.

· Working knowledge of continuous monitoring strategies and security governance practices in federal environments.

· Familiarity with FedRAMP, cloud compliance frameworks, and federal privacy standards.

Clearance Requirement:
All candidates must be eligible to obtain and maintain a U.S. Public Trust clearance.

**This hybrid role requires a minimum of three on-site days per week in Washington, DC.**

Target salary range: $80,001 - $120,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.