Cyber Security Analyst

LTS is seeking a Cyber Security Analyst to support the Department of Veterans Affairs (VA) Health Portfolio. This position is 100% remote.

The Health PMO support contract providesIT program management, project management, technical management, financial management, functional planning, and documentation analysis in support of the Enterprise Program Management Office (EPMO) Enterprise Program Management Division (EPMD) Health Portfolio. The VA Health Portfolio is focused on development and execution of quality IT projects that address the needs of Veterans and health care providers through management of health care information and sustainment of production software to keep the mission going.

LTS provides trusted consulting, and solutions in an increasingly complex and growing world. Our deep expertise in technology and analytics helps us serve a broad constituency of clients that range from cabinet-level departments of the U.S. Government to the largest Federal IT contractors in the world.

LTS is a leading information technology (IT) provider for mission critical systems leveraging the latest technologies to deliver innovative solutions from small mobile applications to large, complex enterprise applications. Our professionals specialize in multiple disciplines including program management, system integration, system design, system development, cybersecurity, infrastructure, and data analytics.

Responsibilities

This individual will support cybersecurity efforts across multiple projects within a portfolio setting and proactively monitor upcoming cyber priorities across the VA Health portfolio.

• Communicate and provide consultative support on the VA on matters related to system security certification & accreditation and Authority to Operate (ATO).
• Coordinate and lead security and privacy activities within project teams and develop security and privacy related artifacts.
• Review and identified system/applications security controls in accordance with NIST SP-800 53 Rev 4 guidance and VA Handbook 6500.
• Responsible for on time deliverablesof assigned and related security and privacy artifacts.
• Must be able to identify and mitigate risks to the program.
• Demonstrated experience in a remote work environment.
• Ability to proactively communicate and coordinate with various internal and external project stakeholders, depending on needs.
• Identifying and communicate symptoms for process improvement.
• Ability to work independently with minimal guidance and supervision
• Well versed in the VA Veteran-Focused Integration Process (VIP) project management methodology.
• Participate in support activities related to the integration of security architecture & engineering efforts in the SDLC IT lifecycle
• Support a team of other cyber security professionals
• Support Application development/maintenance and IT operations with Agile practices
• Build and develop cyber security related artifacts
• Resolve requests for assistance in troubleshooting issues
• Participate in new and existing IT modernization, expansion, and improvement of security architecture and engineering projects support enterprise operations
• Support ATO, and the VA ISSO in support of ATCs, ATOs, eMASS, REEF, and other security tracking systems
• Typical tasks for this role include but are not limited to:
• Authority-to-Operate (ATO) & Authority to Connect (ATC) remediation efforts
• System scans and audit preparation
• eMASS updates, and reporting
• SOP Creation and Updating
• Artifact Research
• PIA (Privacy Impact Analysis) and PTA (Privacy Threshold Analysis) Documentation
• Program and administrative support (meeting notes, reports, org/role documentation, etc.)
• Ad hoc remediation response support
• Communications support
  

Required Skills And Qualifications

• Bachelor’s degree in Business Administration, Business Management, Computer Science, Information Systems, Operations Research, or related fields, plus 5 years of experience; 5 additional years of experience can be substituted for the degree requirement.
• Must be able to obtain and maintain a Public Trust.
• Strong understanding and hands-on experience working with Federal Information Security Management Act (FISMA), NIST-800-53 guidance, HIPAA, and HITECH Act.
• Must have experience achieving an ATO for projects within the VA or other Federal Agencies.
• Experience supporting Information Assurance Certification and Accreditation (C&A) and associated IA processes, procedures, and activities with capability and expertise to implement applicable NIST and CNSS IA directives, instructions, guidelines.
• Ticketing systems experience such as ServiceNow.
• Experience in collaborating with other enterprise technologists both internal and external to resolve complex technical issues.
• Ability to work both independently with minimal guidance and to supervise and lead collaborations with project team members, program customers, and program and external stakeholders on behalf of the VA Technical Lead. This position requires significant hands-on work execution by the candidate.
• Demonstrated experience in a remote work environment.
• Ability to proactively communicate and coordinate with various internal and external project stakeholders, depending on needs.
• Ability to work in a fast-paced, collaborative environment.
• Security+ or other applicable certification.
• Experience applying security engineering concepts, processes, practices, and procedures on technical assignments, working with several different mission applications.
• Analytical and investigation skills.
• Experience with the VA Risk and Governance Tool (eMASS)
  
  

Preferred Skills And Experience

• Experience as a VA ISSO, ISO or System Steward
• Experience with Cloud Engineering and Agile/Scrum
• Experience in HBSS, ACAS, and NESSUS scanning, analysis, mitigation, and implementation
• Experience with cloud migration and security architecture
• Experience with event-driven architecture
• Knowledge of HL7
• Knowledge or experience with VistA
• Evaluation and creation of POA&Ms
• CISSP certification
• Experience with Federal Risk and Authorization Management Program (FedRAMP) is a definite plus.
• Experience with achieving an ATO for Software as a Service (SaaS) and/or Cloud based applications is a definite plus
• Well versed in the VA Veteran-Focused Integration Process (VIP) project management methodology and other VA security related reporting methodologies.
• Experience with the VA’s Governance, Risk management and Compliance (GRC) Tool, eMASS.
• Security certification below preferred.
• Preferred: CISSP (ISC2) or CISM (ISACA)
• Acceptable: CEH (EC-Council), GSEC (SANS GIAC), or Security+ (CompTIA)
  

LTS is committed to offering eligible employees comprehensive benefits that will provide them with options intended to meet their needs and the needs of their family.

LTS is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.