Cyber Security Expert (Remote)

Cyber Security Expert (Remote)

10 Sep 2024
District of Columbia, Washington, 20001 Washington USA

Cyber Security Expert (Remote)

OverviewGovCIO is currently hiring for a Cyber Security Expert (Remote). This position is 100% remote located within the United States.Core Hours: Monday - Friday, 8am-5pm Eastern Standard Time (EST)This individual will support cybersecurity efforts across multiple interfaces and agencies in support of the VA Office of Research and Development.Responsibilities

Communicate and provide consultative support on the VA on matters related to system security certification & accreditation and Authority to Operate (ATO).

Coordinate and lead security and privacy activities within project teams and develop security and privacy related artifacts.

Review and identified system/applications security controls in accordance with NIST SP-800 53 Rev 4 guidance and VA Handbook 6500.

Perform cyber security and information system risk analysis, vulnerability assessment, and regulatory compliance assessment and gap analysis on existing systems and system in development.

Responsible for on time deliverables of assigned and related security and privacy artifacts.

Must be able to identify and mitigate risks to the program.

Demonstrated experience in a remote work environment.

Ability to proactively communicate and coordinate with various internal and external project stakeholders, depending on needs.

Identifying and communicate symptoms for process improvement.

Support adoption of new technologies and products by performing research, identifying security-related issues, and developing adoption plans.

Ability to work independently with minimal guidance and supervision

Well versed in the VA Veteran-Focused Integration Process (VIP) project management methodology.

Participate in support activities related to the integration of security architecture & engineering efforts in the SDLC IT lifecycle

Support a team of other cyber security professionals

Support Application development/maintenance and IT operations with DevSecOps and Agile practices

The candidate will participate in new task orders to ensure Cyber concepts are considered within the design and architecture phases

Build and develop cyber security related artifacts

Implement scans, cloud security solutions; analyze, evaluate, and plan enterprise solutions

Resolve requests for assistance in troubleshooting issues

Participate in the planning of upgrades, replacement, configuration, and maintenance of security architecture and engineering projects

Participate in new and existing IT modernization, expansion, and improvement of security architecture and engineering projects support enterprise operations

Work with system owners to address POA&M and continual system security evaluation processes and finding.

Interface with internal and external agency security personnel to establish and maintain Interagency Security Agreements (ISAs).

Will work closely with the internal Federal Customers and External Agency ISA Coordinators to assist with the coordination and approval of ISA documentation.

Analyze process improvement areas/recommend changes to processes/procedures for efficiencies/cost-savings

Support ATO, the VA System Steward, and the VA ISSO in support of ATCs, ATOs, eMASS, REEF, and other security tracking systems

Typical tasks for this role include but are not limited to:

Authority-to-Operate (ATO) & Authority to Connect (ATC) remediation efforts

System scans and audit preparation

Cloud Migration and scans

eMASS updates, and reporting

System production monitoring

SOP Creation and Updating

4 years of additional relevant experience may be substituted for educationArtifact Research

PIA (Privacy Impact Analysis) and PTA (Privacy Threshold Analysis) Documentation

Program and administrative support (meeting notes, reports, org/role documentation, etc.)

Ad hoc remediation response support

Communications support

QualificationsRequired Skills and Experience

Bachelor’s Degree in a Business, Engineering, or Technical discipline plus 8+ years of experience; (4 years of additional relevant experience may be substituted for education)

Ability to work in a fast-paced, collaborative environment

Strong understanding and hands-on experience working with Federal Information Security Management Act (FISMA), NIST-800-53 guidance, HIPAA, and HITECH Act.

Must have experience achieving an ATO for projects within the VA or other Federal Agencies.

Experience supporting Information Assurance Certification and Accreditation (C&A) and associated IA processes, procedures, and activities with capability and expertise to implement applicable NIST and CNSS IA directives, instructions, guidelines

Ticketing systems experience such as Remedy, ServiceNow

Experience in collaborating with other enterprise technologists both internal and external to resolve complex technical issues

Ability to work both independently with minimal guidance and to supervise and lead collaborations with project team members, program customers, and program and external stakeholders on behalf of the VA Technical Lead. This position requires significant hands-on work execution by the candidate.

Demonstrated experience in a remote work environment.

Ability to proactively communicate and coordinate with various internal and external project stakeholders, depending on needs.

Security+ or other applicable certification

Experience applying security engineering concepts, processes, practices, and procedures on technical assignments, working with several different mission applications

Experience supporting and obtaining an Authority to Operate (ATO)

Analytical and investigation skills

Experience with the VA Risk and Governance Tool (Risk Vision)

Technical/Security: transaction security and virus protection tools, network monitoring tools, development tools, web tools, operating system software, object-oriented coding, network, and VPN tools, database tools, ERP tools, business intelligence tools

Specific Tools: Knowledge of service-oriented architecture. Interfaces (middleware, APIs, SOAP, XML, etc.) to components. Health or data brokering standards (HL7, Remote Procedure Calls, etc.). Note that no coding is required, but an understanding of these concepts is important.

Preferred Skills and Experience

Experience as a VA ISSO or System Steward

eMASS experience a plus

Experience with Microsoft and Linux Server Operating Systems

Experience with Cloud Engineering and Agile/Scrum

Experience in HBSS, ACAS, and NESSUS scanning, analysis, mitigation, and implementation

Experience with cloud migration and security architecture

Experience with event-driven architecture

Evaluation and creation of POA&Ms

CISSP certification

Experience with Federal Risk and Authorization Management Program (FedRAMP) is a definite plus.

Experience with achieving an ATO for Software as a Service (SaaS), Platform as a Service (PaaS), and/or Cloud based applications is a definite plus

Well versed in the VA Veteran-Focused Integration Process (VIP) project management methodology and other VA security related reporting methodologies.

Experience with the VA’s Governance, Risk management and Compliance (GRC) Tool, eMASS.

Security certification below preferred.

Preferred: CISSP (ISC2) or CISM (ISACA)

Acceptable: CEH (EC-Council), GSEC (SANS GIAC), or Security+ (CompTIA)

Clearance Required : Ability to obtain and maintain a Suitability/Public Trust clearance

Company OverviewGovCIO is a team of transformerspeople who are passionate about transforming government IT. Every day, we make a positive impact by delivering innovative IT services and solutions that improve how government agencies operate and serve our citizens.But we can't do it alone. We need great people to help us do great things - for our customers, our culture, and our ability to attract other great people. We are changing the face of government IT and building a workforce that fuels this mission. Are you ready to be a transformer?We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, disability, or status as a protected veteran. EOE, including disability/vets.Posted Pay RangeThe posted pay range, if referenced, reflects the range expected for this position at the commencement of employment, however, base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, education, experience, and internal equity. The total compensation package for this position may also include other compensation elements, to be discussed during the hiring process. If hired, employee will be in an “at-will position” and the GovCIO reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, GovCIO or individual department/team performance, and market factors.Posted Salary RangeUSD $125,000.00 - USD $150,000.00 /Yr.Submit a referral to this job (https://careers-govcio.icims.com/jobs/4662/cyber-security-expert-%28remote%29/job?mode=apply&apply=yes&iniframe=1&hashed=-1834385473)Location US-RemoteID 2024-4662Category Information TechnologyPosition Type Full-Time

Related jobs

  • Cyber Security Specialist 3 - DMV

  • Req ID: RQ185238

  • Cyber Oracle Cloud Security -Consultant

  • Req ID: RQ185238

  • Summary This is a full-time position with the Marshal\'s Office - Police Department at the Supreme Court of the United States in Washington, D.C. Closing Date: Tuesday, 12/03/2024, 11:59 PM EDT Please note that this vacancy has a limit of 200 applicants. The job opportunity announcement will automatically close if that limit is reached prior to the closing date. Responsibilities The Physical Security Specialist works in the Marshal\'s Office and supports the Police Department at the Supreme Court of the United States. The incumbent is responsible for managing and maintaining the Court\'s security equipment/systems. In this capacity, the incumbent integrates and programs diverse security systems into an effective and unified physical security program. These systems include access control systems, security camera networks, mechanical barricades and bollards, intrusion alarms, etc. The incumbent conducts inspections of the security equipment/systems to ensure that they are properly maintained and operational; conducts testing of equipment; coordinates with vendors and Supreme Court security staff on equipment issues (e.g., repairs or replacements); and provides advice to the Residential Security Team on facility and home security systems. The incumbent documents security incidents and refers incidents to investigators if the incident requires further investigation. The incumbent provides input into security and renovation projects. The incumbent serves as a Physical Security Specialist supporting all physical security missions that do not require the incumbent to be a sworn law enforcement officer. The position is non-supervisory. The incumbent will report to the Lead Physical Security Officer. Requirements Conditions of Employment Qualifications SPECIAL SKILLS/KNOWLEDGE: - Knowledge of security systems integration and installation is essential for success in the role. - Knowledge of intrusion detection systems and devices, locks and locking systems, personnel entry control systems, ballistic protection measures, and asset protection. - Ability to resolve conflicts between physical security requirements and organizational missions. - Ability to train officers and contractors on the use of security systems (e.g., duress alarms, home intrusion detection systems, etc.). - Ability to read and understand plans and engineering drawings and evaluate physical site/facility for potential security deficiencies to recommend security systems for implementation and installation. - Ability to plan, schedule, and coordinate studies, special projects and assignments. - Ability to accurately prepare and process a variety of reports, records, and documents. - Ability to analyze difficult and complex issues and make recommendations for action. - Ability to develop effective working relationships with Court staff, local, state, and federal law enforcement and security agencies. - Working knowledge of MS Project or similar project management software. - Excellent communication, interpersonal, and presentation skills. - Ability to work independently and with a team to meet deadlines. - Strong organizational and time-management skills. - Ability to obtain industry standard certifications in physical security and risk/vulnerability assessments. - Ability to conduct security surveys of residences or facilities and provide feedback and recommendations to improve the security posture of the facility or residence. Education Applicants must possess five years of experience in security systems integration and installation. Additional Information Working for the Supreme Court of the United States offers a comprehensive benefits package that includes, in part, paid vacation, sick leave, holidays, life insurance, health benefits, and participation in the Federal Employees Retirement System. Additional benefits include flexible spending accounts, long-term care insurance, and the SmartBenefits transit subsidy.

  • Our Mission

  • Washington, DC, USA | Full Time

Job Details

Jocancy Online Job Portal by jobSearchi.