VetsEZ is seeking a highly talented Cybersecurity Engineer to be part of a remote team. The candidate will join the team as a Cybersecurity Engineer, where their expertise will be utilized to identify and minimize cybersecurity risks for the Department of Veterans Affairs (VA). They will be responsible for implementing policies that address requests for information on cyber best practices and assessing risks. This role will involve meticulous system documentation and updates, close collaboration with system owners and ISSOs for ATO support and translating security concepts into practical recommendations to assist the client in making well-informed security decisions.

The candidate must reside within the continental US.

Responsibilities:

• Communicate and provide consultative support to the Department of Veteran Affairs on matters related to system security certification & accreditation and Authority to Operate (ATO).

• Coordinate and lead security and privacy activities within project teams and develop security and privacy-related artifacts.

• Implement cybersecurity requirements for IT systems and applications, documenting them in formal security engineering documents using the Risk Management Framework.

• Perform security analysis to identify gaps, implement compensating/mitigating controls, and assess residual risk.

• Identify security risks through security impact analysis, system risk assessments, and technology security risk reports.

• Conduct security compliance evaluations on IT products using various security evaluation tools.

• Assess operating system and security configuration guidelines for IT product initialization and deployment using NIST SP 800-53 Security Controls.

• Conduct and analyze security evaluation tools results from Tenable Nessus, Nmap, SCAP, and Wireshark.

• Assess operating system and security configuration guidelines into images for IT product initialization and deployment within the infrastructure SCAP-SCCD-BigFix.

• Experience working in the FedRAMP cloud environment, understanding IaaS, PaaS, and SaaS regarding cloud service provider security control responsibilities and customer responsibilities.

Requirements:

• Bachelor's Degree in Cybersecurity, Computer Science, Information Systems, or any other relevant discipline is required.

• A minimum of five (5) years of Information Security Experience, of which at least 3 years are of Cybersecurity and Cloud Security experience at a large Government agency similar in size/scope to GSA, IRS, DoD, or VA.

• Expert communication and consultative support to the VA on matters related to system security certification & accreditation and Authority to Operate (ATO), using Risk Management Framework (RMF).

• Experience and Technical knowledge of Network and Software Development.

• Experience in the creation of Security-Specific documentation such as Incident Response, Contingency Planning, and Disaster Recovery processes.

• Familiarity with the security controls outlined by the National Institute of Standards and Technology (NIST), as well as the Governance, Risk Management Framework (RMF), and security compliance procedures.

• Skilled in providing support for system Authority to Operate (ATO) processes, including the creation of artifacts, implementation of controls, and development of POAMs.

• Capable of facilitating meetings, conducting a thorough analysis of authorization documents and associated artifacts to identify any gaps, establishing a schedule to address outstanding authorization requirements, and effectively coordinating with stakeholders within the system team.

• Proficient in utilizing the Enterprise Mission Assurance Support Service (eMASS) tool to manage intricate system records.

• Experience in IT and Cloud design, security, development, systems engineering, and implementation efforts.

Additional Qualifications:

• Ability to obtain a government clearance.

• One or more of the following: IAT II, IAM II or IASAE II certifications: ISC2 CISSP, ISC2 CAP, ISC2 SSCP, ISC2 CCSP, ISC2 ISSEP, ISACA, CISM, CISA, ISC2, EC-COUNCIL CEH, CompTIA Security+, CompTIA Network+

Benefits:

• Medical/Dental/Vision

• 401k with Employer Match

• PTO + Federal Holidays

• Corporate Laptop

• Training opportunities

• Remote Opportunity

Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, or protected veteran status.

Sorry, we are unable to offer sponsorship at this time.