Cybersecurity Analyst (Remote) #5067

Company Overview

GovCIO is a team of transformers–people who are passionate about transforming government I.T. We believe in making a difference by developing digital strategies and delivering the technology-related innovation that improves governmental operations each day.

But we can’t do it alone. We welcome and nurture an inclusive and diversified work culture. Because different backgrounds, experiences, abilities, and perspectives make us better decision-makers, problem solvers, and creators. We’re changing the face of I.T. – from our diverse staff to the end-products we develop. And we’re excited to expand our team. Are you ready to be a transformer?

 

This individual will support cybersecurity efforts across multiple projects within a portfolio setting and proactively monitor upcoming cyber priorities across the VA Health portfolio.

 

Responsibilities

• Communicate and provide consultative support to the VA on matters related to system security certification & accreditation and Authority to Operate (ATO) including managing related processes.
• Coordinate and lead security and privacy activities within project teams and develop security and privacy related artifacts.
• Review any identified system/applications security controls in accordance with NIST SP-800 53 Rev 4 guidance and VA Handbook 6500.
• Perform cyber security and information system risk analysis, vulnerability assessment, and regulatory compliance assessment and gap analysis on currently deployed systems and systems under development.
• Strong understanding and hands-on experience working with Federal Information Security Management Act (FISMA), NIST-800-53 guidance, HIPAA, and HITECH Act.
• Deliver assigned and related security and privacy artifacts on/ahead of time.
• Provide input to various status and progress reports with multiple frequencies (e.g., daily, weekly, bi-weekly, etc.)
• Identify and mitigate risks to the program.
• Identify and communicate symptoms for process improvement. 
• Support adoption of new technologies and products by performing research, identifying security-related issues, and developing adoption plans.

Qualifications

• Bachelor’s degree in Engineering, Computer Science, Systems, Business or related scientific /technical discipline.
• 15+ years of related experience with cyber security including 5 or more at VA.
• 10 years of additional relevant experience may be substituted for education.

Required Skills and Experience

• Must have experience achieving an ATO for projects within the VA or other Federal Agencies.
• Ability to work both independently with minimal guidance and to supervise and lead collaborations with project team members, program customers, and program and external stakeholders on behalf of the VA Technical Lead.  This position requires significant hands-on work execution by the candidate.
• Demonstrated experience in a remote work environment.
• Ability to proactively communicate and coordinate with various internal and external project stakeholders, depending on needs.
• Analytical and investigative skills.

Preferred Skills and Experience

• Experience with Federal Risk and Authorization Management Program (FedRAMP) is a definite plus.
• Experience with achieving an ATO for Software as a Service (SaaS) and/or Cloud based applications is a definite plus
• Well versed in the VA Veteran-Focused Integration Process (VIP) project management methodology and other VA security related reporting methodologies.
• Experience with the VA’s Governance, Risk management and Compliance (GRC) Tool, eMASS.