Mid Cybersecurity Engineer (A&A)

Denver, CO, United States

"Company Introduction 9th Way Insignia is a service-disabled, veteran-owned small business bringing transformative technology to our government customers so they can achieve their missions. Our specialties include cybersecurity, cloud modernization, software development, data analytics, enterprise architecture, enterprise IT, and artificial intelligence. Learn more about 9th Way Insignia at https://9thwayinsignia.com.

Team (Project) Introduction The ISSE project provides system security engineering expertise in support of VA IT applications and infrastructure. This includes project management, risk management, strategic planning support for enterprise systems and modernization as well as implementation, cloud services support, technical analysis of documentation, publications and handbooks, technical analysis of new policies and emerging technologies to include implementation and training support, systems integration and implementation to include the analysis of program security deficiencies and application integration monitoring through the governance process, multimedia communications and outreach, operations and services support, information and cybersecurity training, administrative support, follow the product line management (PLM) process, Assessment and Authorization support, and system security engineering support. We are responsible for promoting security as part of the system engineering development life cycle and required engineering

9th Way Insignia has an opening for a Cybersecurity Engineer to work in support of the Department of Veterans Affairs (VA), Office of Information Security (OIS) on the Information System Security Engineering (ISSE) Assessment and Authorization (A&A) team.

Professional Level The Cybersecurity Engineer position aligns as an Engineer, 2 with 9th Way Insignia. An Engineer, 2 has a good understanding of the software development life cycle and can take on work without much direction majority of the time. Performs multiple engineering-related tasks in various assignments within the project and firm. An Engineer, 2 has broad knowledge of engineering procedures and assists in the resolution of complex problems. An Engineer, 2, has strong technical skills and background, a knack for learning new technologies, and a blend of good problem-solving and innovation needed to resolve a wide variety of technical production challenges.

Functional Job (LCAT) Information:

Bachelor's degree in Business Administration, Business Management, Cybersecurity, Computer Science, Information Systems, Information Assurance, Information Security, Information Resource Management, or related fi One or more of the following: IAT II, IAM II or IASAE II certifications. 5 years of Information Security Experience of which at least 3 years are of Cybersecurity and Cloud Security experience at a large Government agency similar in size/scope to GSA, IRS, DoD or VA).

Responsibilities

Assess VA's A&A process and provide an A&A Process Assessment Report to address both FISMA and FedRAMP control requirements and make recommendations for integrating into the current A&A process. The Government anticipates approximately 4 assignments within the base and each option period. Analyze and recommend ongoing guidance regarding potential security impacts to design and architecture changes, present to project lead or representative as a part of Weekly Activity Report, per assigned project. Consult with OIS policy, software assurance, and security architecture teams on applicable policy, processes, and procedures; analyze and recommend changes, as required for assigned projects. Participate in recurring, strategic level meetings for assigned projects such as the Risk Vision working group and security requirement steering committee on a bi-monthly (twice a month) basis; cloud security working group and enterprise security architecture working group on a weekly basis; an weekly program decision level meetings. Perform Federal Information Processing Standard (FIPS) assessments for assigned projects and identify and define information types to support system categorization for systems requiring ATO support. Provide support to projects requiring ATO approval. This includes participation in the A&A process; conducting reviews of security-related VIP documentation, such as A&A artifacts (e.g., System Security Plans, Incident Response Plans); consulting with System Owners and Project Management Leads; and documenting A&A support activities in an A&A Assessment Report. Conduct and deliver a Governance Risk and Compliance (GRC) Tool Analysis Report on the GRC tool that captures information security deficiencies or shortfalls.

Requirements

Experience in cybersecurity engineering requirements and authorizations (FedRAMP/RMF) into systems and applications. Experience in IT and Cloud design, security, development, systems engineering, and implementation efforts. Experience in large-scale Cloud solutions in federal and/or commercial industry. Experience with Federal A&A and ATO activities. Experience in Federal policies, processes, and standards.

Preferred/Desired

Experience with understanding SDLC and A&A processes.

Salary Range The salary range for this position is $77,096.24 to $105,000.00