Cybersecurity Engineer (Remote) #7510 jobs in United States

ExecutivePlacements.com · 21 hours ago

Cybersecurity Engineer (Remote) #7510

GovCIO is currently hiring for a Cybersecurity Engineer supporting the Department of Veterans Affairs. This role is responsible for supporting Assessment and Authorization (A&A) efforts under the Risk Management Framework (RMF), coordinating with technical and business stakeholders, and ensuring information systems meet applicable federal security requirements prior to receiving and maintaining an Authority to Operate (ATO).

Human Resources, Online Portals, Recruiting
No H1B; Security Clearance Required

Responsibilities

Support the Information System Security Officer (ISSO) with a wide variety of information system security activities
Perform Assessment and Authorization (A&A) efforts for Major Applications and General Support Systems in accordance with the Risk Management Framework (RMF) per NIST SP 800-37
Facilitate A&A kickoff, bi-weekly status, and close-out meetings with system owners, subject matter experts (SMEs), and other stakeholders to drive systems toward successful authorization outcomes
Develop system security categorization documentation in accordance with FIPS 199 and NIST SP 800-60, and tailor security control selections based on system type, architecture, and operational environment
Document security control implementation statements by gathering and validating information from SMEs, System Owners (SOs), and the ISSO
Conduct Security Impact Assessments (SIAs) to evaluate changes to system architecture, networks, applications, security boundaries, or environments of operation
Request and coordinate vulnerability scanning activities for assigned systems and analyze scan results using tools such as Nessus
Conduct Security Control Assessments (SCAs) in accordance with NIST SP 800-53 Rev. 5, NIST SP 800-53A Rev. 5, and NIST SP 800-37 Rev. 1, including facilitation of evidence and artifact collection
Initiate, develop, and maintain Plans of Action and Milestones (POA&Ms) documenting security assessment findings, risk impacts, and remediation recommendations
Coordinate vulnerability remediation activities with technical teams to ensure findings are addressed within required timelines
Work directly with SMEs throughout the Security Assessment and Authorization (SA&A) process to resolve issues and provide guidance across all phases of the RMF life cycle
Develop, update, and review RMF documentation, including System Description Reports, System Security Plans (SSPs), Security Assessment Plans (SAPs), Security Assessment Reports (SARs), and Risk Assessment Reports (RARs)
Assemble complete security authorization packages, develop authorization briefings, and schedule and participate in authorization meetings in support of obtaining and maintaining ATOs

Qualification

RMF Assessment, Authorization, NIST SP 800-37, NIST SP 800-53/53A Rev. 5, Vulnerability Scanning (Nessus), RMF Documentation, Coordination Skills, Cybersecurity Certification, Communication Skills

Required

Bachelor's Degree and 5 - 8 years of experience (or commensurate experience)
Experience supporting RMF-based Assessment and Authorization (A&A) efforts for federal information systems
Strong working knowledge of NIST SP 800-37, NIST SP 800-53/53A Rev. 5, FIPS 199, and NIST SP 800-60
Experience developing and maintaining RMF documentation, including SSPs, SAPs, SARs, POA&Ms, and ATO packages
Familiarity with vulnerability scanning tools such as Nessus and interpreting scan results
Ability to coordinate across technical and non-technical stakeholders, including system owners and SMEs
Strong written and verbal communication skills

Preferred

Five (5) to eight (8) years of progressive experience supporting RMF-based cybersecurity activities for federal information systems
Prior experience supporting the Department of Veterans Affairs (VA), including familiarity with VA-specific security policies, procedures, and ATO processes
Demonstrated experience performing A&A activities for Major Applications and General Support Systems within a federal civilian environment
Experience briefing senior leadership, Authorizing Officials (AOs), or Designated Approving Authorities (DAAs)
Relevant cybersecurity certification (e.g., CISSP, CAP, Security+, or similar)

Company

ExecutivePlacements.com

Online recruitment

Funding

Current Stage
Early Stage
Company data provided by crunchbase