Apply on Employer Site

IronArch Technology · 2 days ago

Enterprise Risk Analyst

United States

Full-time

Remote

Senior Level, Lead/Staff

10+ years exp

IronArch Technology is an award-winning Service-Disabled Veteran-Owned Small Business specializing in providing innovative solutions and services to Federal Government clients. The Enterprise Risk Analyst role involves executing the VA Enterprise Risk Analysis process to identify cyber security risk factors in medical devices and collaborating with teams to ensure effective risk management.

ConsultingInformation TechnologyOutsourcing

Growth Opportunities

Responsibilities

Execute the VA Enterprise Risk Analysis process using a custom ERA tool to identify key cyber security risk factors in network connected medical devices and Special Purpose Systems

Summarize, evaluate, and report risk factors using quantitative and qualitative scores to provide a VA authorizing official with awareness of residual cyber risk

Acquire, review and leverage system documentation and data gathered through questionnaires and interviews with customers and vendor/manufacturer representatives

Document critical security posture elements including hardware/software inventory, communications profile, system interconnections, data types and stores, and security controls for a given device type

Collaborate with Federal and contractor team mates to achieve best outcomes for the ERA process

Qualification

CybersecurityRisk managementNIST SP 800-53NIST SP 800-30Network topology documentationGovernanceRiskComplianceAssessmentAuthorizationCompTIA Security+ExcelVisioClient engagement

Required

Experience with Cybersecurity, risk management, or risk assessment for complex systems

Experience with NIST SP 800-53 and NIST SP 800-30

Experience with documenting and depicting network topology and network protocols

Ability to engage directly with clients, and third parties to facilitate enterprise risk analysis

Ability to obtain and maintain a Public Trust Clearance or Suitability/Fitness determination based on client requirements

Bachelor's degree in computer science, Electronics Engineering, or technical equivalent and 10 years of professional experience or a total of 18 years in lieu of education

Preferred

Experience with cybersecurity analysis of medical technology or Internet of Things (IoT)

Experience with Governance, Risk, and Compliance (GRC)

Experience with Assessment and Authorization (A&A) and eMASS

Experience with Excel and Visio

CompTIA Security+ or Certified Risk Management Professional (CRISC) or Certified in Risk and Information Systems Control (CRISC)

Benefits

Medical, dental and vision benefits where a significant portion of the premium is subsidized by IronArch.

Company-provided healthcare concierge assistance to help explain your coverage in plain language; help you find, choose, and schedule quality care; and address billing, benefit, or claims concerns, potentially saving hours of your time

401(k) retirement plan where the company contributes dollar for dollar up to 3 percent, and 50 cents on the dollar for the 4th and 5th percent with immediate entry and immediate vesting

20 days of PTO accumulated per calendar year

11 paid holidays

Bereavement, jury duty, parental (maternity/paternity/adoption), and military leaves

Sabbatical programs

Company-paid short- and long-term disability

Company-paid life insurance

Voluntary life, accidental and indemnity income replacement benefits

Professional development reimbursement

Health club reimbursement

Matching donation program and annual philanthropic activities

Pet insurance

And more!