Apply on Employer Site

IronArch Technology · 1 day ago

Enterprise Risk Analyst

United States

Full-time

Remote

Senior Level, Lead/Staff

$135K/yr - $145K/yr

10+ years exp

IronArch Technology is an award-winning Service-Disabled Veteran-Owned Small Business that specializes in providing innovative solutions to Federal Government clients. The Enterprise Risk Analyst role involves executing the VA Enterprise Risk Analysis process to identify key cybersecurity risk factors in medical devices and collaborating with teams to ensure comprehensive risk assessments.

ConsultingInformation TechnologyOutsourcing

Growth Opportunities

Responsibilities

The Enterprise Risk Analyst role executes the VA Enterprise Risk Analysis process using a custom ERA tool to identify key cyber security risk factors in network connected medical devices and Special Purpose Systems (e.g., building automation systems, physical security systems, operational technology)

These risk factors are summarized, evaluated, and reported using quantitative and qualitative scores to provide a VA authorizing official with awareness of the residual cyber risk prior to connecting these devices to the VA network

The Risk Analyst must acquire, review and leverage system documentation and data gathered through questionnaires and interviews with customers in the field and vendor/manufacturer representatives to accurately document critical security posture elements in a common reporting format

These elements include hardware/software inventory, communications profile, system interconnections, data types and stores, and the presence or lack of security controls, settings and mechanisms for a given device type

The analyst works within the Specialized Device Cybersecurity Department Risk Management team and is expected to collaborate with Federal and contractor team mates to achieve best outcomes for the ERA process

Qualification

CybersecurityRisk managementNIST SP 800-53NIST SP 800-30Network topologyGovernanceRiskComplianceAssessmentAuthorizationCompTIA Security+ExcelVisioClient engagement

Required

Experience with Cybersecurity, risk management, or risk assessment for complex systems

Experience with NIST SP 800-53 and NIST SP 800-30

Experience with documenting and depicting network topology and network protocols

Ability to engage directly with clients, and third parties to facilitate enterprise risk analysis

Ability to obtain and maintain a Public Trust Clearance or Suitability/Fitness determination based on client requirements

Bachelor's degree in computer science, Electronics Engineering, or technical equivalent and 10 years of professional experience or a total of 18 years in lieu of education

Preferred

Experience with cybersecurity analysis of medical technology or Internet of Things (IoT)

Experience with Governance, Risk, and Compliance (GRC)

Experience with Assessment and Authorization (A&A) and eMASS

Experience with Excel and Visio

CompTIA Security+ or Certified Risk Management Professional (CRISC) or Certified in Risk and Information Systems Control (CRISC)

Benefits

Medical, dental and vision benefits where a significant portion of the premium is subsidized by IronArch.

Company-provided healthcare concierge assistance to help explain your coverage in plain language; help you find, choose, and schedule quality care; and address billing, benefit, or claims concerns, potentially saving hours of your time

401(k) retirement plan where the company contributes dollar for dollar up to 3 percent, and 50 cents on the dollar for the 4th and 5th percent with immediate entry and immediate vesting

20 days of PTO accumulated per calendar year

11 paid holidays

Bereavement, jury duty, parental (maternity/paternity/adoption), and military leaves

Sabbatical programs

Company-paid short- and long-term disability

Company-paid life insurance

Voluntary life, accidental and indemnity income replacement benefits

Professional development reimbursement

Health club reimbursement

Matching donation program and annual philanthropic activities

Pet insurance

And more!