AddressCognosante is on a mission to transform our country’s healthcare and national security systems. With our health and security-focused solutions, we help public sector organizations achieve the important task of providing the best possible public services to American Citizens. From Enterprise IT, Data Science, and Security Services, to full-scale Consumer Engagement and Interoperability solutions, we are moving government services forward with transformation and innovation. Learn how we are making a difference in people’s lives today!
Job Description
Cognosante is seeking an experienced Security Engineer with a strong track record of delivering high caliber results with high client satisfaction. The successful candidate must be energetic, communicative, intelligent, passionate, and motivated, and have a passion and aptitude for ensuring software quality.
As a Security Engineer, you will assist with activities related to designing, selecting, implementing, and maintaining security controls for major information systems supporting federal government contracts, including achieving and sustaining authorization to operate (ATO) following NIST Risk Management Framework procedures and guidance mandated under FISMA. Key job duties including specifying and documenting security control requirements, supporting security control assessments, and working with development and implementation team members to ensure that all security requirements are adequately addressed. The Security Engineer also helps identify relevant security and privacy standards and regulations applicable to systems under development or in operation and helps ensure compliance with those standards and regulations. You will be part of a team dedicated to change Healthcare IT. Superior communication and collaboration skills are essential to this role. The ideal candidate will have a knowledge of VA, Community Care, and DevSecOps.
The position is fast paced on a complex, high priority project, requiring both hard and soft skills, and focused dedication. The candidate must be an effective communicator and collaborator, and a mature and empathetic team member. This role requires a passion and commitment to supporting VA in meeting the needs of our Veterans and their families.
This is a remote position.
Key Responsibilities
- Be an advocate for our VA customer stakeholders and the ultimate beneficiaries of our solution - our Nation’s Veterans
- Assist with identifying and supporting what changes or processes will satisfy the organization’s security requirements
- Work closely with the Project Manager to ensure dates, risks, project plans, and security controls for various applications are documented, communicated, and understood
- Support technical solutions that address vulnerability findings and security gaps
- Analyze current system designs and requirements to ensure all current systems and system updates meet goals and expectations
- Evaluate information security technologies and create recommendations and plans for implementation
- Support the Sr. Systems Security Engineer in the review of technical, management, and operational Security Controls in accordance with the NIST and FedRAMP approved cloud and on-premises system environments to ensure the completeness and effectiveness of the IT system’s information technology and security solutions
- Apply experience and knowledge of NIST Risk Management Framework (RMF) and how federal agencies apply this to secure their information systems
- Apply experience and knowledge with Assessment and Authorization (A&A) including Authority To Operate (ATO) packages and its alignment with RMF processes
- Conduct compliance reviews to ensure all products developed are in accordance with VA security standards. Perform qualitative assessment of current Cloud Computing Frameworks particularly as it relates to security in cloud environments
- Summarize and document all security-related activity, with emphasis on high-risk activities and potential/actual security breaches and violations
- Identify process improvement opportunities
- Collaborate with program management, VA stakeholders, the program team, and Cognosante management as to ensure a high level of quality across the project to ensure its success
- Develop a keen understanding of program goals and requirements and develop a vision to both meet the customer’s current needs, and for evolution of the program to meet changing client needs
- Anticipate project challenges and risk scenarios and prepare, lead, and execute proactive mitigation strategies to ensure optimal results
- Meet individual potential and performance expectations
- Maintain knowledge of VA rules and regulations
- Plan, monitor, and control relevant tasks outlined in the contract and statement of work
- Escalate key issues and recommended solutions to project and client leadership
- Interact effectively and professionally with clients, stakeholders, partners, sub-contractors, and vendors recognizing you will be the face of Cognosante in many conversations
- Other duties as assigned by program leadership
Required Qualifications
- Must have or be able to obtain a Public Trust clearance
- 5 years of relevant experience
- Bachelor's Degree (Computer science, electronics engineering or other engineering or technical discipline)
- 8 years of additional relevant experience may be substituted for education
- Experience in managing security programs for a variety of IT products, systems, and networks both small and large and complex
- Strong ability to ensure that records are maintained, security updates are promulgated, and staff are properly briefed
- Experience in coordinating with organizational security teams to ensure program consistency and compliance with all security requirements
- Thorough knowledge of organizational and agency level security requirements and ensures that systems and personnel comply with these standards
Candidates that do not meet the required qualifications will not be considered.
Additional Minimum Qualifications
- Passionate and motivated self-starter that excels in a dynamic, fast-paced environment requiring only limited supervision
- A team player and a consistent, dependable performer, with an excellent work ethic, flexible “can-do” attitude, and a results-driven commitment to success
- Able to manage multiple competing deadlines
- Must be capable of working closely with Program Leadership and subcontractor PMs to understand issues and work towards resolution
- Requires strong analytical and organizational skills to include strong attention to detail (written and oral)
- Full understanding of the VA ATO process
- Strong interpersonal skills and ability to work collaboratively in a dynamic team environment
- Strong conceptual understanding of how and when to apply security controls for information systems
- Excellent communication and technical documentation skills
- Ability to read technical documentation and identify alignment and/or conflict with process requirements and policies
- Ability to translate findings into customer communications along with action-items to resolve potential issues
- Ability to prioritize and work on multiple projects and initiatives simultaneously and adapt to changing priorities and tight deadlines
- Superb soft skills including the ability to gain the trust of stakeholders and senior management and negotiate priorities with external teams
- Working knowledge of the software development life cycle (SDLC) for SaaS applications
- Proficiency with MS Office Suite, MS Teams, MS Project, and SharePoint
- Must be able to communicate both verbally and in written form
- Availability to work flexible hours, including some evenings and weekends as required
- Must be eligible to work in the United States
- Must have reliable internet service that allows for effective telecommuting
Preferred Qualifications
- Experience supporting Department of Veterans Affairs (VA) and/or other federal organizations
- Experience with Agile methodology and Scrum approach
- 5+ years of related cyber or information security experience required, preferably in a government or federal setting
- Prefer industry-recognized certifications such as Certified Information Systems Security Professional (CISSP) or Certified Authorization Professional (CAP) or Certified Ethical Hacker (CEH)
- Availability to work flexible hours, including some evenings and weekends as required
- Current VA clearance, PIV, and GFE
What We Offer
Our mission is to provide comprehensive and competitive pay, benefits, services, and programs to eligible employees and their dependents that:
Ensure optimal health and productivity of our employees
Support employee retention and attraction
Provide work/life balance to ensure our employees succeed inside and outside of the office
Compensation
$96,760.98 - $154,817.56The pay range for this job is determined by various factors, including but not necessarily limited to location, responsibilities of the job, and alignment with market data. When determining a salary for this role, the following factors may be taken into consideration - contract-specific affordability, education, knowledge, skills, competencies and experience. The estimate displayed represents the salary range for this position and is just one component of Cognosante’s total compensation package for employees. It is not necessarily reflective of actual compensation that may be earned, nor a promise of any specific pay for any specific employee.
Cognosante will not provide sponsorship for employment-based immigration benefits for this position.
What We Promise
Cognosante employees are inspired by our bold mission to improve lives. To achieve this mission, we put our people first. No matter where they're located around the nation, our innovative workplaces enable individuals to apply their skills and experience to work toward a greater good.
We foster a winning culture of solution creators built on innovation, collaboration, flexibility, and work-life balance. And we invest in the next generation of diverse talent to foster an inclusive, progressive, adaptable workplace that prioritizes advancement for all. As an affirmative action employer, we are committed to equal opportunity regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.
Your safety during your job search is important. Recruiting communications will always be sent through one of the following corporate domain emails (@cognosante.com or @accurate.com).
We will never send communications through any other domain, including @cognosantecareers.com, @gmail.com or @yahoo.com). We will never request payment from you, nor will we send payment to you, prior to your start date. If you have been asked to send or receive any payment, or if you have any doubt about whether you have been contacted by a Cognosante employee, please contact us at jobs@cognosante.com
