LCAT: Cyber Security Engineer
Required education: Bachelors
Required Degree: computer science, electronics engineering or other engineering or technical discipline is required.
Years of Experience: 10 years
Substitution Criteria: 8 years of additional relevant experience may be substituted for education
NOTE: Immediate need for a seasoned professional with security control assessment experience who can think outside-of-the-box!
Position Title: Information Security Risk Specialist
Core Hours: 9a-3p ET
As an information security risk specialist on our team, you'll use your experience to work with VA to discover their cyber risks, understand applicable policies, and develop a mitigation plan. You'll review technical, environmental, and personnel details to assess the entire threat landscape. Then, you'll guide your client through a plan of action with presentations, white papers, and milestones. You'll work with your client to translate security concepts, so they can make the best decisions to secure their mission critical systems, critical infrastructure, etc. This is your opportunity to act as an information security subject matter expert while broadening your skills in Risk Management Framework and NIST Security and Privacy controls. Join us as we protect the VA systems and data and provide a safer cyber environment for veteran's healthcare. This position is open to remote delivery anywhere within the U.S., to include the District of Columbia.
You have:
- Experience with NIST special publications, FIPS 199, 140-2, the full RMF process, NIST security controls, Risk Analysis, Vulnerability Management, Contingency Planning, or Cloud Computing
- Experience in information security and assurance principles, specifically the NIST Cybersecurity Framework
- Experience with being able to assist efforts involving presentations, white papers, and project milestones
- Experience in assessing NIST security and privacy controls and maintaining Plans of Action and Milestones (POA&Ms)
- Experience in providing guidance for understanding the NIST security and privacy controls and for providing sufficient documentation/artifacts for each control within a tool such as eMASS
- Experience in reviewing security requirements, recommending a mitigation strategy for deficiencies, and working directly with clients to provide solutions and education
- Experience with GRC (Governance risk compliance) tools such as eMASS
- Experience with performing annual security reviews in accordance with FISMA reporting
- Ability to obtain and maintain a Public Trust or Suitability/Fitness determination based on client requirements
- Bachelor degree in Computer Science, Electronics Engineering, or technical equivalent and 10 years of relevant experience or a total of 18 years in lieu of education.
Nice if you have:
- Hands on experience with Privacy and Security control implementation, testing/assessment, and POAM management
- Experience utilizing data analytical tools like MS Excel
- Excellent customer service and organization skills
- Excellent verbal and written communication skills
- Self-starter with ability to work flexibly in a very fast-paced environment
- Preferred certifications: CAP, CISSP, CISM, PMP, CCSK
- Experience with VA
- Public Trust
Job Types: Full-time, Contract
Pay: $60.00 - $63.00 per hour
Expected hours: 40 per week
Benefits:
- 401(k)
- Dental insurance
- Health insurance
Schedule:
- 8 hour shift
Education:
- Bachelor's (Required)
Experience:
- it: 10 years (Required)
- emass: 1 year (Required)
- Cyber Security: 8 years (Required)
Work Location: Remote