Position title: ATO System Steward
Core Hours:8a-4p ET
As an ATO?System Steward on our team, you’ll use your experience to work with the Veterans Affairs (VA) to discover and mitigate their cybersecurity risks, understand and apply policies to address requests for information on cyber best practices, conduct risk assessments for specialized devices, support ATO activities for RMF steps 0-6, and provide information system security expertise to ensure the appropriate operational security posture is maintained for information systems. You will perform very detail-oriented system documentation and updates and collaborate closely with system owners and ISSOs to execute ATO support duties. You’ll work with your client to translate security concepts into actionable implementable solution recommendations to help the client make informed security decisions. This is your opportunity to act as an information security subject matter expert while broadening your skills in cybersecurity. This position is open to remote delivery anywhere within the U.S., to include the District of Columbia.
Must Have:
- Experience with managing complex system records in the Enterprise Mission Assurance Support Service (eMASS) tool
- Experience with supporting system Authority to Operate (ATO) processes and creating artifacts, control implementation details, and POAMs
- Experience with Information Security Continuous Monitoring (ISCM), RMF automation, and Comply to Connect
- Experience with National Institute of Standards and Technology (NIST) security controls, the Governance, Risk Management, and Compliance (GRC) security documentation tool, Risk Management Framework (RMF), and security compliance processes
- Experience with Federal Information Security Management Act (FISMA) and Federal Information System Controls Audit Manual (FISCAM) criteria
- Ability to facilitate meetings, analyze authorization documents and associated artifacts against authorization requirements to identify gaps, establish a schedule to address outstanding authorization requirements, and coordinate directly with system team stakeholders
- Ability to obtain and maintain a Public Trust or Suitability/Fitness determination based on client requirements
- Master's degree in Computer Science, Electronics Engineering, or technical equivalent and 5 years of relevant experience or a total of 15 years in lieu of education
Nice to Have:
- Experience with the VA
- Possession of excellent oral and written communication skills
- Masters Degree computer science, electronics engineering or other engineering or technical discipline is required.
- 5 years of experience
- Experience in managing teams of Security Analysts. Is able to effectively leverage vast detailed knowledge and familiarity with security discipline. Has thorough knowledge of security principles, concepts, policy and regulations. is able to identify risks in security systems and work with technical experts to resolve security issues. Possess ability to identify key concepts, factors and risks based on conversations and document these in clear and concise narrative or graphic reports.