Cybersecurity Engineer - Washington, United States - Veterans EZ Info Inc

Description

VetsEZ is seeking a highly talented Cybersecurity Engineer to be part of a remote team.

The candidate will join the team as a Cybersecurity Engineer, where their expertise will be utilized to identify and minimize cybersecurity risks for the Department of Veterans Affairs (VA).

They will be responsible for implementing policies that address requests for information on cyber best practices and assessing risks.

This role will involve meticulous system documentation and updates, close collaboration with system owners and ISSOs for ATO support and translating security concepts into practical recommendations to assist the client in making well-informed security decisions.

The candidate must reside within the continental US.


Responsibilities:
Communicate and provide

consultative support to the Department of Veteran Affairs on matters related to system security

certification & accreditation and Authority to Operate (ATO).

Coordinate and lead security and

privacy activities within project teams and develop security and

privacy-related artifacts.

Implement cybersecurity

requirements for IT systems and applications, documenting them in formal

security engineering documents using the Risk Management Framework.

Perform security analysis to

identify gaps, implement compensating/mitigating controls, and assess

residual risk.

Identify security risks through

security impact analysis, system risk assessments, and technology security

risk reports.

Conduct security compliance

evaluations on IT products using various security evaluation tools.

Assess operating system and

security configuration guidelines for IT product initialization and

deployment using NIST SP Security Controls.

Conduct and analyze security

evaluation tools results from Tenable Nessus, Nmap, SCAP, and Wireshark.

Assess operating system and

security configuration guidelines into images for IT product

initialization and deployment within the infrastructure SCAP-SCCD-BigFix.

Experience working in the FedRAMP

cloud environment, understanding IaaS, PaaS, and SaaS regarding cloud

service provider security control responsibilities and customer

responsibilities.


Requirements:
Bachelor's Degree in

Cybersecurity, Computer Science, Information Systems, or any other

relevant discipline is required.

A minimum of five (5) years of

Information Security Experience, of which at least 3 years are of

Cybersecurity and Cloud Security experience at a large Government agency

similar in size/scope to GSA, IRS, DoD, or VA.

Expert communication and

consultative support to the VA on matters related to system security

certification & accreditation and Authority to Operate (ATO), using

Risk Management Framework (RMF).

Experience and Technical

knowledge of Network and Software Development.

Experience in the creation of

Security-Specific documentation such as Incident Response, Contingency

Planning, and Disaster Recovery processes.

Familiarity with the security

controls outlined by the National Institute of Standards and Technology

(NIST), as well as the Governance, Risk Management Framework (RMF), and

security compliance procedures.

Skilled in providing support for

system Authority to Operate (ATO) processes, including the creation of

artifacts, implementation of controls, and development of POAMs.

Capable of facilitating meetings,

conducting a thorough analysis of authorization documents and associated

artifacts to identify any gaps, establishing a schedule to address

outstanding authorization requirements, and effectively coordinating with

stakeholders within the system team.

Proficient in utilizing the

Enterprise Mission Assurance Support Service (eMASS) tool to manage

intricate system records.

Experience in IT and Cloud

design, security, development, systems engineering, and implementation

efforts.


Additional Qualifications:
Ability to obtain a government

clearance.

One or more of the following: IAT

II, IAM II or IASAE II certifications: ISC2 CISSP, ISC2 CAP, ISC2 SSCP,

ISC2 CCSP, ISC2 ISSEP, ISACA, CISM, CISA, ISC2, EC-COUNCIL CEH, CompTIA

Security+, CompTIA Network+


Benefits:
Medical/Dental/Vision

401k with Employer Match

PTO + Federal Holidays

Corporate Laptop

Training opportunities

Remote Opportunity

Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, or protected veteran status.

Sorry, we are unable to offer sponsorship at this time.

#J-18808-Ljbffr