Information Assurance Engineer

Information Assurance Analyst / Engineer

Razor is looking for an Information Assurance Analyst or Engineer to join a long term federal government contract. supporting the Department of Veterans Affairs. The role is 100% remote and will require you to go through a Public Trust Clearance and fingerprinting process.

The role requires specific work authorizations, inquire within.

36-40 hours a week with required time off of billing to stay within budget of the federal government program budgeted POP hours

The Challenge:

This individual's primary responsibility will be to track efforts and perform tasks related to A&A within VA to ensure assigned information systems, devices, and networks can obtain and maintain Authorization to Operate (ATO) and other decisions. This individual will plan, coordinate, and lead teams to conduct assessments of information systems and networks to identify vulnerabilities, risks, and security requirements in accordance with the VA A&A process. Secondary responsibilities include testing CCIs, validating Security Plans, weekly status updates, and extensive work in eMASS packages. This individual will be responsible for supporting VA SCARs, the VA Security Control Assessor (SCA), and other VA cybersecurity leadership in the execution and enforcement of VA Cyber Security and RMF process.

You Have:

1+ years of experience performing Information Assurance (IA) controls analysis, testing, and risk assessments

1+ years of experience with Nessus, Nmap, Burpsuite,, Linux security (RHEL7), AWS cloud security

Working knowledge of eMASS (Enterprise Mission Assurance Support Service)

Knowledge of NIST SP 800-53 and 800-37, CNSSI 1254, and other VA Risk Management policies

Ability to identify and evaluate major applications, infrastructure, enclaves, and Enterprise environments based on accreditation boundaries

Knowledge of defense-in-depth and other information security and assurance principles and associated supporting technologies

Familiarity with the use of vulnerability scanning and assessment tools necessary to identify and document compliance

Capable of providing thoughtful feedback to the ISO, ISSO and other VA Cyber Security leadership in to identify risks, communicate recommended courses of action, and recommend process improvements

Nice If You Have:

Experience with VA Cyber Security

Ability to work as an independent security practitioner and participate in a small team of security personnel reviewing the same system

Ability to communicate effectively both verbally and in writing

Ability to organize, analyze, and write technical documents that can be understood by non-technical individuals

Experience with Prisma Cloud/Twistlock and containerization