RES eVA Cyber Security Associate (Remote)
US-Remote
Careers (External)
Req #: 8020
Type: Full-Time
|
|
||||||||||
|
|||||||||||
Overview: GovCIO is currently hiring for RES Cyber Engineer to support the eVA Authority to Operation process. This position will be a fully remote position within the United States. Responsibilities: * Develop and maintain portions of ATO documentation such as SSP control narratives, RA inputs, IRP/ISCP sections, and configuration management artifacts. * Manage day‑to‑day updates in eMASS including POA&M edits, control evidence uploads, package preparation, and workflow tracking with moderate independence. * Support Continuous Monitoring activities by updating ServiceNow CAM dashboards, analyzing control status, and assisting in monthly/quarterly reporting. * Coordinate vulnerability scans and perform preliminary analysis to identify potential weaknesses. * Participate in security audits and assessments by assembling evidence, drafting responses, and executing assigned tasks. * Contribute to risk assessments by identifying gaps, summarizing findings, and proposing initial remediation recommendations. * Assist in planning and conducting IRP/ISCP/DRP tabletop exercises; update plans based on observed results. * Work with cross‑functional partners to support alignment of engineering, security, and privacy requirements. * Draft SOPs, workflows, and documentation to improve security processes. * Develop proficiency with VA cybersecurity frameworks, GRC requirements, and system boundary documentation. Qualifications: Required Skills and Experience * Bachelor's degree in Computer Science, Cyber Security, Information Systems, or equivalent experience. * 2-5 years of hands‑on cybersecurity or GRC experience supporting ATO or compliance activities. * Working knowledge of RMF, NIST SP 800‑53 controls, and federal security requirements. * Experience using eMASS, GRC tools, or vulnerability management platforms. * Ability to analyze security findings, interpret scan results, and document remediation steps. * Strong writing ability for security documentation. * Strong attention to detail and organizational skills. * Effective communication and collaboration skills across technical and non‑technical teams. Preferred Skills and Experience * Experience with Jira, Confluence, and Microsoft 365. * Experience supporting VA cybersecurity programs or other federal clients. * Certifications such as Security+, CAP, CISA (in progress), or similar. * Experience with or interest in AI‑assisted automation for evidence review and control mapping. * Regulation Knowledge * FISMA, FedRAMP * NIST SP 800‑53 Rev 4/5 * NIST SP 800‑37 RMF * VA Directive 6500 and VA RMF processes Clearance Required: * Ability to obtain and maintain Suitability for Public Trust clearance
Share this job:
