Cybersecurity Engineer (Remote) jobs in United States
cer-icon
Apply on Employer Site
company-logo

GovCIO · 20 hours ago

Cybersecurity Engineer (Remote)

positionUnited States
timeFull-time
remoteRemote
senioritySenior Level
date5+ years exp

GovCIO is currently hiring for a Cybersecurity Engineer supporting the Department of Veterans Affairs. This role involves executing a wide range of cybersecurity and compliance activities, supporting Assessment and Authorization efforts, and ensuring information systems meet federal security requirements.

ConsultingIT InfrastructureIT ManagementManagement Consulting
badNo H1BnoteSecurity Clearance Requirednote

Responsibilities

Support the Information System Security Officer (ISSO) with a wide variety of information system security activities
Perform Assessment and Authorization (A&A) efforts for Major Applications and General Support Systems in accordance with the Risk Management Framework (RMF) per NIST SP 800-37
Facilitate A&A kickoff, bi-weekly status, and close-out meetings with system owners, subject matter experts (SMEs), and other stakeholders to drive systems toward successful authorization outcomes
Develop system security categorization documentation in accordance with FIPS 199 and NIST SP 800-60, and tailor security control selections based on system type, architecture, and operational environment
Document security control implementation statements by gathering and validating information from SMEs, System Owners (SOs), and the ISSO
Conduct Security Impact Assessments (SIAs) to evaluate changes to system architecture, networks, applications, security boundaries, or environments of operation
Request and coordinate vulnerability scanning activities for assigned systems and analyze scan results using tools such as Nessus
Conduct Security Control Assessments (SCAs) in accordance with NIST SP 800-53 Rev. 5, NIST SP 800-53A Rev. 5, and NIST SP 800-37 Rev. 1, including facilitation of evidence and artifact collection
Initiate, develop, and maintain Plans of Action and Milestones (POA&Ms) documenting security assessment findings, risk impacts, and remediation recommendations
Coordinate vulnerability remediation activities with technical teams to ensure findings are addressed within required timelines
Work directly with SMEs throughout the Security Assessment and Authorization (SA&A) process to resolve issues and provide guidance across all phases of the RMF life cycle
Develop, update, and review RMF documentation, including System Description Reports, System Security Plans (SSPs), Security Assessment Plans (SAPs), Security Assessment Reports (SARs), and Risk Assessment Reports (RARs)
Assemble complete security authorization packages, develop authorization briefings, and schedule and participate in authorization meetings in support of obtaining and maintaining ATOs

Qualification

Risk Management Framework (RMF)NIST SP 800-37NIST SP 800-53/53A Rev. 5Security Control Assessments (SCA)Vulnerability scanning (Nessus)RMF documentationCybersecurity certificationCoordination with stakeholdersCommunication skills

Required

Bachelor's Degree and 5 - 8 years of experience (or commensurate experience)
Experience supporting RMF-based Assessment and Authorization (A&A) efforts for federal information systems
Strong working knowledge of NIST SP 800-37, NIST SP 800-53/53A Rev. 5, FIPS 199, and NIST SP 800-60
Experience developing and maintaining RMF documentation, including SSPs, SAPs, SARs, POA&Ms, and ATO packages
Familiarity with vulnerability scanning tools such as Nessus and interpreting scan results
Ability to coordinate across technical and non-technical stakeholders, including system owners and SMEs
Strong written and verbal communication skills

Preferred

Five (5) to eight (8) years of progressive experience supporting RMF-based cybersecurity activities for federal information systems
Prior experience supporting the Department of Veterans Affairs (VA), including familiarity with VA-specific security policies, procedures, and ATO processes
Demonstrated experience performing A&A activities for Major Applications and General Support Systems within a federal civilian environment
Experience briefing senior leadership, Authorizing Officials (AOs), or Designated Approving Authorities (DAAs)
Relevant cybersecurity certification (e.g., CISSP, CAP, Security+, or similar)

Benefits

Employee Assistance Program (EAP)
Corporate Discounts
Learning & Development platform, to include certification preparation content
Training, Education and Certification Assistance*
Referral Bonus Program
Internal Mobility Program
Pet Insurance
Flexible Work Environment

Company

GovCIO

twittertwittertwitter
company-logo
GovCIO is a business consulting firm that focuses on cyber security, digital, data, management and mission services, and IT services.
dateFounded in 2010
location
Fairfax, Virginia, USA
people-size1001-5000 employees
web-link
https://govcio.com

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Lynn Oakes
Sr. Vice President, Contracts at GovCIO
linkedin
leader-logo
Andre Green
Vice President Special Operations Support Solutions (SOSS) GOVCIO
linkedin

Recent News

Washington Technology
GovCIO loses GAO IT services recompete to SAIC
2026-01-14
PR Newswire
GovCIO Drives Early Impact in VA's RES Modernization Effort
2026-01-14
Washington Technology
Space, tech and growth leadership moves across the market
2025-11-26
Company data provided by crunchbase