Cybersecurity Engineer

at VetsEZ
  • Remote - United States

Remote

Cybersecurity

Mid-level

Job description

VetsEZ is currently seeking a candidate to join the team as a Cybersecurity Engineer (System Steward) where their expertise will be utilized to identify and minimize cybersecurity risks for the Department of Veterans Affairs (VA). They will be responsible for implementing policies that address requests for information on cyber best practices, assessing risks, supporting Authority to Operate (ATO) activities throughout the NIST Risk Management Framework (RMF) certification/accreditation processes (Steps 1-7), and providing expert guidance on information system security to maintain optimal operational security posture. Their role will involve meticulous system documentation and updates, close collaboration with system administrators, developers, system owners, and Information System Security Officers (ISSO) for ATO support, and translating security concepts into practical recommendations to assist the client in making well-informed security decisions.

The candidate must reside within the continental US.

Responsibilities:

  • Expert communication and consultative support to the VA on matters related to system security certification & accreditation and Authority to Operate (ATO), using Risk Management Framework (RMF).
  • Experience in and Technical knowledge of Network and Software Development.
  • Experience in the creation of Security-Specific documentation such as Incident Response, Contingency Planning, and Disaster Recovery processes.
  • Familiarity with the security controls outlined by the National Institute of Standards and Technology (NIST), as well as the Governance, Risk Management Framework (RMF), and security compliance procedures (GRC).
  • Skilled in providing support for system Authority to Operate (ATO) processes, including the creation of artifacts, implementation of controls, and development of Plan of Action & Milestones (POAM)
  • Capable of facilitating meetings, conducting a thorough analysis of authorization documents and associated artifacts to identify any gaps, establishing a schedule to address outstanding authorization requirements, and effectively coordinating with stakeholders within the system team.
  • Proficient in utilizing the Enterprise Mission Assurance Support Service (eMASS) tool to manage intricate system records.
  • Experience in IT and Cloud design, security, development, systems engineering, and implementation efforts.

Requirements:

  • Minimum Experience: 5 years of Information Security Experience of which at least 3 years of Cybersecurity and Cloud Security experience at a large Government agency
  • Lead and coordinate security and privacy activities within project teams, developing relevant artifacts and documenting cybersecurity requirements using the Risk Management Framework.
  • Perform security analyses to identify gaps, conduct impact assessments, implement compensating controls, and evaluate residual risks through system risk assessments and security impact analyses.
  • Conduct security compliance evaluations on IT products, assess operating system and security configurations, and ensure alignment with NIST SP 800-53 Security Controls.
  • Utilize security evaluation tools such as Tenable Nessus, Nmap, SCAP, and Wireshark to conduct analyses and identify potential vulnerabilities.
  • Prepare and present comprehensive security briefings, reports, and summaries, while effectively collaborating with internal and external stakeholders on system configuration changes and their impact on security policies.
  • Assess operating system and security configuration guidelines into images for IT products initialization and deployment within the infrastructure SCAP-SCCD-BigFix.
  • Experience working in the FedRAMP cloud environment, understanding IaaS, PaaS, and SaaS regarding cloud service provider (CSP) security control responsibilities and customer responsibilities.
  • Communicate and collaborate with internal and external customers regarding hardware and software configuration changes that may impact system security or violate policies.
  • Apply security principles, policies, and regulations in daily tasks, along with performing additional responsibilities as assigned.

Additional Qualifications:

  • Bachelor’s degree in computer science
  • Must have one or more of the following: IAT II, IAM II or IASAE II certifications:
  • ISC2 CISSP, ISC2 CAP, ISC2 SSCP, ISC2 CCSP, ISC2 ISSEP, ISACA CISM, ISACA CISA, EC-COUNCIL CEH, CompTIA Security+, CompTIA Network+, CompTIA SecurityX, CompTIA Linux+
  • Ability to obtain government clearance.

Benefits:

  • Medical/Dental/Vision
  • 401k with Employer Match
  • PTO + Federal Holidays
  • Corporate Laptop
  • Training opportunities
  • Remote Opportunity

Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, or protected veteran status.

Sorry, we are unable to offer sponsorship at this time.

Share this job:
Please let VetsEZ know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

Latest Jobs at VetsEZ

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply