We are searching for a Sr. Cyber Security Analyst to support a long-term federal contract for The Department of Veterans Affairs. Please send an updated resume and target pay rate (1099 or C2C preferred).
MUST BE A US CITIZEN TO BE CONSIDERED ELIGIBLE BASED ON FEDERAL REQUIREMENTS
Location: 100% Remote
Position Summary: Candidate will join a team tasked with providing support services to the United States Department of Veterans Affairs to ensure a secure, compliant, effective and efficient cloud architecture is implemented by the agency. In addition, candidate will be responsible for collaborating at various levels of the organization to assist in developing definitive guidance for Agency system owners to migrate operational systems to the cloud while maintaining or achieving Authority to Operate (ATO).
Candidate will be expected to collaborate with customer staff with responsibilities for Governance, Risk, Compliance and Information Security. Understanding and influencing enterprise requirements as appropriate in order to drive GRC platform development requests, from design, configuration, system development, through service implementation and application usability in order to scale and adapt to current and emerging requirements.
Along with an excellent work ethic, strong candidates will possess the motivation to accept and accomplish tasks with minimal guidance. The ideal candidate is self-managed, flexible, and team-oriented with exceptional communication skills and an ability to proactively identify customer needs to manage risks associated with a project.
Looking for a high performance, challenge-driven Information Assurance professional with a strong background in Test-Driven Development, Functional Programming, and Software Architecture. Demonstrated Skill in Process Optimization, Software Development, and Risk Management are a plus.
Responsibilities include but are not limited to:
- Reviewing existing Agency infrastructure and security documentation, performing interviews of key personnel, and reviewing technical control implementations of agency authorized cloud environments.
- Person(s) will be required to document detailed design implementation recommendations to enable our customer to remain in compliance with federal regulations and industry best practices while identifying opportunities to increase visibility and oversight into production system operations in the cloud.
- Working with customer Network Operations Center and Security Operations Center to ensure that required data feeds and views are correlated, centralized, and provide staff with a seamless transition from traditional internal network monitoring to blended monitoring of internal networks, private cloud instances, and CSP leveraged environments.
Ideal candidate will possess and demonstrate a high-level of knowledge in the following areas:
- Securing cloud environments, including: public, private, or hybrid cloud services that meet federal guidelines and regulations and NIST Special Publication best practice (e.g. NIST SP 500-292, NIST SP 800-53 Rev. 4)
- Implementing, assessing, and evidencing NIST 800-53 rev.4 security controls in a cloud environment for the Federal Government
- Designing, implementing, and configuring secure cloud architecture solutions within Cloud Service Provider environments (e.g. AWS, Azure) and within customer private clouds
- Supporting project teams during system design to promote the effective deployment of IT assets to cloud environments in a secure and compliant manner
- Cloud computing infrastructure, application development methodologies, best practices, and available and emergent services in CSP environments to support these functions
- Available cloud security solutions focused on: Data Governance, Risk Management, Endpoint Security, Network Visibility and Advanced Threat Monitoring and Management
- Migration of infrastructure, data and applications out of legacy data centers into cloud environments
- Security requirements applicable to Federal agencies with health care responsibilities (e.g., HIPAA, PCI, FedRAMP, FISMA, SOX, TIC, NIST, etc.)
- Review and assess customer SIEM deployments and required data/security views monitored for internal IT assets for applicability/feasibility in cloud environments
- Developing or assessing metrics and measures to reflect and illustrate the security, effectiveness, and efficiency of leveraged cloud environments
- 4 year degree in Computer Science or a related technical degree (or a minimum of 5 -7 years of progressive IT experience in networking or Cyber Security)
- A VA designated High-Risk Background Investigation (BI) clearance preferred, or the ability to obtain such clearance.
Knowledge of the following preferred:
- Identifying and recommending Federally compliant cloud solutions for private clouds and IaaS or PaaS CSPs.
- Document detailed designs for a Cloud infrastructure based on industry best practices in cloud computing, for an IaaS or PaaS CSP environment.
- At least one industry recognized certification (AWS, Azure, CCSP, CISSP, etc.).
- Experience with CSP log and monitoring solutions (e.g., AWS Cloud Watch, and Azure Monitor)
- Experience with secure network communication techniques and protocols.