Cybersecurity Analyst (ISSO/ISSM) | Data Privacy | Compliance | Risk Assessment | eMASS & ATO
VetCentric is focused on delivering outstanding services to the federal government. We have extensive experience in the fields of cybersecurity, supply chain & logistics management, strategy, business analytics, and IT services such as system design, continuous improvement, virtualization, and data center management. VetCentric is an SBA certified HUBZone company and VA CVE certified Service-Disabled Veteran-Owned Small Business (SDVOSB). We operate in 15 states with offices in Washington DC and Northern Virginia.
Perks of Working with Us:
- Competitive compensation
- Comprehensive health, vision, dental benefits
- 15 days leave and 10 days of paid Federal Holidays
- 401(k) with a matching plan
- Annual training budget
- Fantastic company culture
Location: Remote, US (Any location). Candidates from HUBZones preferred
Hours: Monday - Friday, 8:00 AM to 5:00 PM
Employment Eligibility: Eligible to work for any employer in the United States
- This position is responsible for creating and implementing security plans; enforcing information systems security policies, standards, and methodologies; and preparing Risk Assessment Reports and System Requirements Traceability Matrices (SRTMs)
Required Skills & Experience:
- Education: Bachelor’s or higher in computer science or a technical discipline
- Years of related experience: 5+ years of experience is required as an ISSO/ISSM, including experience implementing and enforcing information systems security policies, standards, and methodologies; creating security plans, policies & procedures (SSPs), Risk Assessment Reports or SRTMs
- Technical Skills: FISMA, FedRAMP, RMF (Risk Management Framework), NIST 800-53 controls, and understanding SA&A processes, eMASS, ATO (supporting system processes & control implementation)
- Clearance: Must have or be able to attain and maintain Public Trust or higher
Desired Skills & Experience:
- Certifications: Cybersecurity certifications, such as CISSP, CISSO, CISM, CompTIA Security+, CISA, CEH, GCIH, GCIA, GCFA, GCFE, CDMP, CDP-DG or similar
- Support adoption and implementation of NIST-based standards across the agency.
- Support all steps of NIST 800-53
- Participate in the selection of the organization’s common security controls and in determining their suitability for use in the information system
- Review the security controls regarding their adequacy in protecting the information and information system
- Prepare and review documentation to include Systems Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs); support security authorization activities
- Implement and enforce information systems security policies, standards, and methodologies
- Evaluate security solutions to ensure they meet security requirements for processing classified information; perform vulnerability/risk assessment analysis to support certification and accreditation.
- Manage changes to the system and assess the security impact of those changes.
“E-Verify Employer, EOE Females/Minorities/Protected Veterans/Individuals with Disabilities; VetCentric partners will offer equal employment opportunities to all persons without regard to race, color, religion, sexual orientation, gender, gender identity, age, national origin, physical or mental disability, veteran status, or other characteristic protected by applicable law.”