Overview

GovCIO is currently hiring for a Cybersecurity Engineer supporting the Department of Veterans Affairs. This position is fully remote.

The Information Systems Security Analyst supports the Information System Security Officer (ISSO) in executing a wide range of cybersecurity and compliance activities in support of a federal civilian agency. This role is responsible for supporting Assessment and Authorization (A&A) efforts under the Risk Management Framework (RMF), coordinating with technical and business stakeholders, and ensuring information systems meet applicable federal security requirements prior to receiving and maintaining an Authority to Operate (ATO).

Responsibilities

• Support the Information System Security Officer (ISSO) with a wide variety of information system security activities.

• Perform Assessment and Authorization (A&A) efforts for Major Applications and General Support Systems in accordance with the Risk Management Framework (RMF) per NIST SP 800-37.

• Facilitate A&A kickoff, bi-weekly status, and close-out meetings with system owners, subject matter experts (SMEs), and other stakeholders to drive systems toward successful authorization outcomes.

• Develop system security categorization documentation in accordance with FIPS 199 and NIST SP 800-60, and tailor security control selections based on system type, architecture, and operational environment.

• Document security control implementation statements by gathering and validating information from SMEs, System Owners (SOs), and the ISSO.

• Conduct Security Impact Assessments (SIAs) to evaluate changes to system architecture, networks, applications, security boundaries, or environments of operation.

• Request and coordinate vulnerability scanning activities for assigned systems and analyze scan results using tools such as Nessus.

• Conduct Security Control Assessments (SCAs) in accordance with NIST SP 800-53 Rev. 5, NIST SP 800-53A Rev. 5, and NIST SP 800-37 Rev. 1, including facilitation of evidence and artifact collection.

• Initiate, develop, and maintain Plans of Action and Milestones (POA&Ms) documenting security assessment findings, risk impacts, and remediation recommendations.

• Coordinate vulnerability remediation activities with technical teams to ensure findings are addressed within required timelines.

• Work directly with SMEs throughout the Security Assessment and Authorization (SA&A) process to resolve issues and provide guidance across all phases of the RMF life cycle.

• Develop, update, and review RMF documentation, including System Description Reports, System Security Plans (SSPs), Security Assessment Plans (SAPs), Security Assessment Reports (SARs), and Risk Assessment Reports (RARs).

• Assemble complete security authorization packages, develop authorization briefings, and schedule and participate in authorization meetings in support of obtaining and maintaining ATOs.

Qualifications

Required Skills and Experience

• Bachelor's Degree and 5 - 8 years of experience (or commensurate experience)

• Experience supporting RMF-based Assessment and Authorization (A&A) efforts for federal information systems.

• Strong working knowledge of NIST SP 800-37, NIST SP 800-53/53A Rev. 5, FIPS 199, and NIST SP 800-60.

• Experience developing and maintaining RMF documentation, including SSPs, SAPs, SARs, POA&Ms, and ATO packages.

• Familiarity with vulnerability scanning tools such as Nessus and interpreting scan results.

• Ability to coordinate across technical and non-technical stakeholders, including system owners and SMEs.

• Strong written and verbal communication skills.

Preferred Skills and experience

• Five (5) to eight (8) years of progressive experience supporting RMF-based cybersecurity activities for federal information systems.

• Prior experience supporting the Department of Veterans Affairs (VA), including familiarity with VA-specific security policies, procedures, and ATO processes.

• Demonstrated experience performing A&A activities for Major Applications and General Support Systems within a federal civilian environment.

• Experience briefing senior leadership, Authorizing Officials (AOs), or Designated Approving Authorities (DAAs).

• Relevant cybersecurity certification (e.g., CISSP, CAP, Security+, or similar).

Clearance Required:

Ability to obtain and maintain a Suitability/Public Trust clearance.

Company Overview

GovCIO is a team of transformers--people who are passionate about transforming government IT. Every day, we make a positive impact by delivering innovative IT services and solutions that improve how government agencies operate and serve our citizens.But we can't do it alone. We need great people to help us do great things - for our customers, our culture, and our ability to attract other great people. We are changing the face of government IT and building a workforce that fuels this mission. Are you ready to be a transformer?

What You Can Expect

Interview & Hiring Process

If you are selected to move forward through the process, here’s what you can expect:

• During the Interview Process
• Virtual video interview conducted via video with the hiring manager and/or team
• Camera must be on
• A valid photo ID must be presented during each interview

• During the Hiring Process
• Enhanced Biometrics ID verification screening
• Background check, to include:
• Criminal history (past 7 years)
• Verification of your highest level of education
• Verification of your employment history (past 7 years), based on information provided in your application

Employee Perks

At GovCIO, we consistently hear that meaningful work and a collaborative team environment are two of the top reasons our employees enjoy working here. In addition, our employees have access to a range of perks and benefits to support their personal and professional well-being, beyond the standard company offered health benefits, including:

• Employee Assistance Program (EAP)
• Corporate Discounts
• Learning & Development platform, to include certification preparation content
• Training, Education and Certification Assistance*
• Referral Bonus Program
• Internal Mobility Program
• Pet Insurance
• Flexible Work Environment

*Available to full-time employees

Our employees’ unique talents and contributions are the driving force behind our success in supporting our customers, which ultimately fuels the success of our company. Join us and be a part of a culture that invests in its people and prioritizes continuous enhancement of the employee experience.

We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, disability, or status as a protected veteran. EOE, including disability/vets.

Posted Pay Range

The posted pay range, if referenced, reflects the range expected for this position at the commencement of employment, however, base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, education, experience, and internal equity. The total compensation package for this position may also include other compensation elements, to be discussed during the hiring process. If hired, employee will be in an “at-will position” and the GovCIO reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, GovCIO or individual department/team performance, and market factors.

Posted Salary Range