ATO Cybersecurity Engineer

CAREERS

ATO Cybersecurity Engineer

A Cyber Security Engineer has IT experience with Cyber Security Policy and threat mitigation. Must be well versed in Cyber Security Tools, network topologies, intrusion detection, PKI, and secured networks. Must have familiarity and experience in the implementation of cyber security regulations.

Work with system owners to create their ATO packages. Review and create artifacts that comply with the VA’s authorization requirements, compliance and map those artifacts to the appropriate NIST 800-53 controls such as Assessment Procedures (AP) testing and evaluation. Review and help to write control implementation statements. Work with system teams to review, update, and create their POAMs and help system teams to navigate the Enterprise Mission Assurance Support System (eMASS) GRC tool. Provide guidance and support to system teams throughout every step of the RMF process and eMASS workflow. This position is open to remote delivery anywhere within the U.S.

Must have:

• Experience with supporting system Authority to Operate (ATO) processes, Artifact Development processes, Security Control implementation details, and Plan Of Action & Milestones (POA&M)
• Experience with leading and managing cyber teams
• Experience with client management and engagement
• Knowledge of the Risk Management Framework (RMF) and NIST 800-53 Rev. 4
• Ability to facilitate meetings
• Ability to analyze authorization documents and associated artifacts against authorization requirements to identify gaps, establish a schedule to address outstanding authorization requirements, coordinate directly with system team stakeholders, and implement work activities in accordance with established Standard Operating Procedures (SOPs)
• Ability to work independently and in teams
• Ability to work core business hours of 8AM to 5PM (EST), Monday through Friday
• Ability to obtain a security clearance

Nice to have:

• Experience with ATO requirements, artifact orchestration, and review experience
• Experience with POAM Lifecycle management
• Experience with eMASS
• Experience with the Security Technical Implementation Guide (STIG) Viewer
• Experience with federal IT and Cloud security policies
• Knowledge of the system security scanner Tenable and or Nessus
• Knowledge of information technology concepts, cloud computing methodologies (PAAS, SAAS, IAAS), FedRAMP/AWS GovCloud, network/server topologies and configurations
• Ability to articulate authorization requirements to varying degrees of staff/leadership
• CISSP or CISA or CAP or CISM or CRISC certificationCertifications: CISSP, CISA, CAP, CISM, CRISC.

To apply, send your cover letter and resume to info@veteransengineering.net with ATO Cybersecurity Engineer in the subject line.