Job Description
We are currently looking for a Cybersecurity Analyst for a 100% remote position on a large federal government project. This role supports the Department of Veterans Affairs (VA) and serves as a senior technical and strategic advisor to system owners, ISSOs, developers, and administrators. The position operates within a collaborative Agile environment and leverages tools such as ServiceNow CAM, vulnerability scanning platforms, and cloud-native security services across AWS GovCloud and enterprise systems.
The candidate must reside within the continental US.
Responsibilities:
- Lead end-to-end RMF activities, including control implementation, artifact development, risk documentation, and POA&M management.
- Guide ATO preparation, package development, and remediation planning efforts across project teams.
- Evaluate authorization packages, identify compliance gaps, and drive resolution of risks and findings.
- Ensure alignment with VA Handbook 6500, NIST SP 800-53, NIST SP 800-37, TIC 3.0, and federal cloud security standards.
- Assess system security posture across networks, cloud environments, and applications to support secure solution design.
- Perform vulnerability assessments using tools such as Nessus and Fortify, and track remediation and residual risk.
- Develop RMF documentation including SSPs, Incident Response Plans, and Contingency Plans, and present findings to stakeholders.
- Take on additional tasks and responsibilities as needed to support team objectives and ensure the success of the project.
Requirements:
- Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or related field (or equivalent experience).
- Minimum 8 years of IT/cybersecurity experience, including 5+ years of RMF and ATO experience supporting federal agencies.
- At least 3 years of experience in cloud security, preferably within AWS GovCloud environments.
- Strong expertise in NIST RMF, NIST SP 800-53 controls, and federal ATO processes.
- Experience with GRC platforms such as ServiceNow (CAM).
- Proficiency with vulnerability assessment tools such as Nessus, Fortify, and related scanning technologies.
- Knowledge of cloud security tools including AWS Security Hub, GuardDuty, CloudTrail, and IAM Access Analyzer.
- Experience with SIEM platforms such as Splunk.
- Ability to automate assessments using Python, PowerShell, or Bash.
- Strong leadership, analytical, problem-solving skills, and ability to guide cross-functional teams through security processes.
- Excellent communication skills for presenting technical information to stakeholders.
Additional Qualifications:
- Active ISC2 CISSP certification (or equivalent).
- One or more certifications such as CAP, CCSP, CISM, CISA, CEH, Security+, or Network+.
- Experience with VA security processes, VA Handbook 6500, and federal compliance frameworks.
- Familiarity with configuration management tools such as BigFix or SCCD.
- Experience supporting continuous monitoring and A&A activities in federal environments.
Benefits:
- Medical/Dental/Vision.
- 401k with Employer Match.
- PTO + Federal Holidays.
- Corporate Laptop.
- Training Opportunities.
- Remote Opportunity.
Note: Selected candidates will be required to complete fingerprinting at a government facility and undergo a background check as part of the hiring process.
VetsEZ is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, or protected veteran status.
Sorry, we are unable to offer sponsorship at this time.
