LTS · 14 hours ago
Cyber Security Analyst
United States
Full-time
Remote
Mid, Senior Level
$85K/yr - $95K/yr
5+ years expLTS is seeking a Cyber Security Analyst to support the Department of Veterans Affairs (VA) Health Portfolio. The role involves supporting cybersecurity efforts across multiple projects, coordinating security activities, and ensuring compliance with security standards.
Business IntelligenceConsultingInformation Technology
No H1B
U.S. Citizen Only
Responsibilities
Communicate and provide consultative support on the VA on matters related to system security certification & accreditation and Authority to Operate (ATO)
Coordinate and lead security and privacy activities within project teams and develop security and privacy related artifacts
Review and identified system/applications security controls in accordance with NIST SP-800 53 Rev 5 guidance and VA Handbook 6500
Responsible for on time deliverables of assigned and related security and privacy artifacts
Must be able to identify and mitigate risks to the program
Demonstrated experience in a remote work environment
Ability to proactively communicate and coordinate with various internal and external project stakeholders, depending on needs
Identifying and communicate symptoms for process improvement
Ability to work independently with minimal guidance and supervision
Participate in support activities related to the integration of security architecture & engineering efforts in the SDLC IT lifecycle
Support a team of other cyber security professionals
Support Application development/maintenance and IT operations with Agile practices
Build and develop cyber security related artifacts
Resolve requests for assistance in troubleshooting issues
Participate in new and existing IT modernization, expansion, and improvement of security architecture and engineering projects support enterprise operations
Support ATO, and the VA ISSO in support of ATCs, ATOs, REEF, ServiceNow, GRC Tool and other security tracking systems
Typical tasks for this role include but are not limited to:
Authority-to-Operate (ATO) & Authority to Connect (ATC) remediation efforts
Participate in mandated Security Control Assessments and Hight Value Assets Audits
System scans and audit preparation
Assist with contingency, incident response and disaster plans creation as well as testing of these plans
ServiceNOW updates, and reporting
SOP Creation and Updating
Ability to effectively manage POAMs from creation to closure
PIA (Privacy Impact Analysis) and PTA (Privacy Threshold Analysis) Documentation
Program and administrative support (ATO notes, reports, org/role documentation, etc.)
Actively engaged with development teams in assisting with ATO process and providing required ATO artifacts
Ad hoc remediation response support
Communications support
Qualification
Required
Bachelor's Degree in Business Administration, Business Management, Computer Science, Information Systems, Operations Research, or related fields, plus 5 years of experience; 5 additional years of experience can be substituted for the degree requirement
U.S citizenship is required
Ability to work in a fast-paced, proactive collaborative environment
Strong understanding and hands-on experience working with Federal Information Security Management Act (FISMA), NIST-800-53 guidance, HIPAA, and HITECH Act
Must have experience achieving an ATO for projects within the VA or other Federal Agencies
Experience supporting Information Assurance Certification and Accreditation (C&A) and associated IA processes, procedures, and activities with capability and expertise to implement applicable NIST and CNSS IA directives, instructions, guidelines
Ticketing systems experience such as ServiceNow
Experience in collaborating with other enterprise technologists both internal and external to resolve complex technical issues
Ability to work both independently with minimal guidance and to supervise and lead collaborations with project team members, program customers, and program and external stakeholders on behalf of the VA Technical Lead. This position requires significant hands-on work execution by the candidate
Demonstrated experience in a remote work environment
Ability to proactively communicate and coordinate with various internal and external project stakeholders, depending on needs
Security+ or other applicable certification
Experience applying security engineering concepts, processes, practices, and procedures on technical assignments, working with several different mission applications
Analytical and investigation skills
Experience with the VA Risk and Governance Tool
Preferred
Experience within the VA Risk Framework (RMF) space
Experience using Service Now (SNOW) Continuous Authorization and Monitoring (CAM) Tool
Experience with Cloud Engineering and Agile/Scrum
Experience in HBSS, ACAS, and NESSUS scanning, analysis, mitigation, and implementation
Experience with cloud migration and security architecture
Experience with event-driven architecture
Knowledge or experience with VistA
Evaluation and creation of POA&Ms
CISSP certification
Experience with Federal Risk and Authorization Management Program (FedRAMP) is a definite plus
Experience with achieving an ATO for Software as a Service (SaaS) and/or Cloud based applications is a definite plus
Experience with the VA's Governance, Risk management and Compliance (GRC) Tool, CAM, ServiceNow
Preferred: CISSP (ISC2) or CISM (ISACA)
Acceptable: CEH (EC-Council), GSEC (SANS GIAC), or Security+ (CompTIA)
Benefits
Comprehensive benefits for you and your family
Company
LTS
LTS is an information technology (IT) provider for mission critical systems.
1001-5000 employees
Funding
Current Stage
Late StageLeadership Team
Bekim Veseli
CEO and President
Dave Logan
Chief Financial Officer
Recent News
Company data provided by crunchbase