Cybersecurity Engineer (Remote Opportunity)

2 days ago Be among the first 25 applicants

Get AI-powered advice on this job and more exclusive features.

Lensa is a career site that helps job seekers find great jobs in the US. We are not a staffing firm or agency. Lensa does not hire directly for these jobs, but promotes jobs on LinkedIn on behalf of its direct clients, recruitment ad agencies, and marketing partners. Lensa partners with DirectEmployers to promote this job for VetsEZ.

VetsEZ is currently seeking a candidate to join the team as a Cybersecurity Engineer (System Steward) where their expertise will be utilized to identify and minimize cybersecurity risks for the Department of Veterans Affairs (VA). They will be responsible for implementing policies that address requests for information on cyber best practices, assessing risks, supporting Authority to Operate (ATO) activities throughout the NIST Risk Management Framework (RMF) certification/accreditation processes (Steps 1-7), and providing expert guidance on information system security to maintain optimal operational security posture. Their role will involve meticulous system documentation and updates, close collaboration with system administrators, developers, system owners, and Information System Security Officers (ISSO) for ATO support, and translating security concepts into practical recommendations to assist the client in making well-informed security decisions.

Responsibilities

• Expert communication and consultative support to the VA on matters related to system security certification & accreditation and Authority to Operate (ATO), using Risk Management Framework (RMF).
• Experience in and Technical knowledge of Network and Software Development.
• Experience in the creation of Security-Specific documentation such as Incident Response, Contingency Planning, and Disaster Recovery processes.
• Familiarity with the security controls outlined by the National Institute of Standards and Technology (NIST), as well as the Governance, Risk Management Framework (RMF), and security compliance procedures (GRC).
• Skilled in providing support for system Authority to Operate (ATO) processes, including the creation of artifacts, implementation of controls, and development of Plan of Action & Milestones (POAM)
• Capable of facilitating meetings, conducting a thorough analysis of authorization documents and associated artifacts to identify any gaps, establishing a schedule to address outstanding authorization requirements, and effectively coordinating with stakeholders within the system team.
• Proficient in utilizing the Enterprise Mission Assurance Support Service (eMASS) tool to manage intricate system records.
• Experience in IT and Cloud design, security, development, systems engineering, and implementation efforts.
  
  

Requirements

• Minimum Experience: 5 years of Information Security Experience of which at least 3 years are of Cybersecurity and Cloud Security experience at a large Government agency similar in size/scope to GSA, IRS, DoD or VA.
• Lead and coordinate security and privacy activities within project teams, developing relevant artifacts and documenting cybersecurity requirements using the Risk Management Framework.
• Perform security analyses to identify gaps, conduct impact assessments, implement compensating controls, and evaluate residual risks through system risk assessments and security impact analyses.
• Conduct security compliance evaluations on IT products, assess operating system and security configurations, and ensure alignment with NIST SP 800-53 Security Controls.
• Utilize security evaluation tools such as Tenable Nessus, Nmap, SCAP, and Wireshark to conduct analyses and identify potential vulnerabilities.
• Prepare and present comprehensive security briefings, reports, and summaries, while effectively collaborating with internal and external stakeholders on system configuration changes and their impact on security policies.
• Assess operating system and security configuration guidelines into images for IT products initialization and deployment within the infrastructure SCAP-SCCD-BigFix.
• Experience working in the FedRAMP cloud environment, understanding IaaS, PaaS, and SaaS regarding cloud service provider (CSP) security control responsibilities and customer responsibilities.
• Communicate and collaborate with internal and external customers regarding hardware and software configuration changes that may impact system security or violate policies.
• Apply security principles, policies, and regulations in daily tasks, along with performing additional responsibilities as assigned.
  
  

Additional Qualifications

• Degree In/Certifications:
• Cybersecurity, Computer Science, Information Systems, Information Assurance, Information Security, Information Resource Management, or related fields.
• Must have - ISC2 CISSP (International Information System Security Certification Consortium - Certified Information Systems Security Professional) Certification
• Must have one or more of the following: IAT II, IAM II or IASAE II certifications:
• ISC2 CISSP, ISC2 CAP, ISC2 SSCP, ISC2 CCSP, ISC2 ISSEP, ISACA CISM, ISACA CISA, EC-COUNCIL CEH, CompTIA Security+, CompTIA Network+, CompTIA SecurityX, CompTIA Linux+
  
  

Benefits

• Medical/Dental/Vision
• 401k with Employer Match
• PTO + Federal Holidays
• Corporate Laptop
• Training opportunities
  
  

Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, or protected veteran status.

Sorry, we are unable to offer sponsorship at this time.

If you have questions about this posting, please contact support@lensa.com

• Seniority level
  Mid-Senior level

• Employment type
  Full-time

• Job function
  Information Technology
• Industries
  IT Services and IT Consulting

Referrals increase your chances of interviewing at Lensa by 2x

United States $55,000 - $85,000 1 week ago

San Francisco, CA $84,000 - $115,200 2 weeks ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.