Senior ATO Security Analyst

Who We Are

Known for being a Best Place to Work and a People First company, IronArch Technology is an award-winning Service-Disabled Veteran-Owned Small Business (SDVOSB) specializing in providing innovative solutions and world class services to Federal Government clients. 

Our employees have voted us as a 'Best Place to Work' 9 times and we are an INC 5000 recipient for being one of the fastest growing businesses in the United States.

Our Values: Deliver Outcomes with Speed | Own the Work and the Results | Respect People. Speak Directly. | Stay Curious. Enjoy the Journey.

What You’ll Do

As a Senior ATO Security Analyst, you will support the Department of Veterans Affairs (VA) by guiding systems through the full Risk Management Framework (RMF) lifecycle and ensuring compliance with VA security policies and authorization requirements. In this role, you’ll partner with Information System Owners (ISOs), Information System Security Officers (ISSOs), and other stakeholders to coordinate Authorization to Operate (ATO) activities, identify and mitigate risks, and maintain the security posture of systems from acquisition and deployment through decommissioning. You will serve as a trusted security advisor, translating complex cybersecurity requirements into practical recommendations that enable secure and compliant IT system implementation.

Key Responsibilities

• Coordinate and support RMF Steps 0–6 activities required to obtain and maintain system Authorizations to Operate (ATO).
• Collaborate with Information System Owners (ISOs), Information System Security Officers (ISSOs), and system stakeholders to ensure security requirements are implemented and documented.
• Develop, update, and maintain detailed security documentation and authorization artifacts in accordance with VA policies and processes.
• Identify, assess, and help mitigate security risks and vulnerabilities, escalating critical risks to leadership when necessary.
• Provide information system security guidance throughout the system lifecycle, including acquisition, installation, operations, and decommissioning.
• Translate complex cybersecurity and RMF requirements into actionable recommendations to support secure system deployment and operations.
• Support security reviews of IT systems, networks, hardware, and software across a variety of environments and installation sites.

• Experience in proactively and independently managing complex system records in the Enterprise Mission Assurance Support Service (eMASS) tool.
• Experience with supporting all RMF steps, security categorizations, creating and updating security artifacts and FISMA security documents, control implementation details, and Plan of Action and Milestones (POA&M)
• Experience with National Institute of Standards and Technology (NIST) SP 800-53 security controls, RMF, and system authorizations and security compliance standards and processes
• Experience in creating plans and approaches for executing product installation securely in accordance with agency authorization policy requirements for system major changes and development lifecycle, while identifying potential risks and      working with system stakeholders to create mitigation strategies to reduce or eliminate risks
• Analyze authorization documents and associated artifacts against authorization requirements to identify gaps, establish a schedule to address outstanding authorization requirements, and coordinate directly with system stakeholders to address      identified gaps in accordance with required deadlines
• Excellent oral and written communication skills and the ability to independently lead client-facing meetings and present complex ATO topics to the client
• Ability to organize, manage, and maintain large amounts of discrete data with various expiration dates across multiple systems simultaneously
• Ability to obtain and maintain a Public Trust or Suitability/Fitness determination based on client requirements.
• Bachelor’s degree in Computer Science, Electronics Engineering or other Engineering or technical discipline and 5 years of relevant work experience or 13 years of relevant work experience in lieu of degree

Preferred Experience

• Experience working with VA
• Ability to engage with varying levels of staff/leadership
• Experience supporting ATOs for specialized devices

Location

• This position is open to remote delivery anywhere within the U.S., to include the District of Columbia.   
• (#LI-remote) 

Why IronArch Technology?

• Awarded Best Place to Work 9 times!
• Competitive compensation and market-leading bonus opportunities
• Medical, dental and vision benefits where a significant portion of the premium is subsidized by IronArch. For qualifying high deductible health plans, IronArch also contributes towards a Health Reimbursement Account to cover eligible medical expenses
• Company-provided healthcare concierge assistance to help explain your coverage in plain language; help you find, choose, and schedule quality care; and address billing, benefit, or claims concerns, potentially saving hours of your time
• 401(k) retirement plan where the company contributes dollar for dollar up to 3 percent, and 50 cents on the dollar for the 4th and 5th percent with immediate entry and immediate vesting
• 20 days of PTO accumulated per calendar year
• 11paid holidays
• Bereavement, jury duty, parental (maternity/paternity/adoption), and military leaves
• Sabbatical programs
• Company-paid short- and long-term disability
• Company-paid life insurance
• Voluntary life, accidental and indemnity income replacement benefits
• Professional development reimbursement
• Health club reimbursement
• Matching donation program and annual philanthropic activities 
• Pet insurance
• And more!

Apply today to learn why IronArch Technology has been recognized as “Best Place to Work” for 9 years!

IronArch Technology is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law.

In alignment with applicable state and local pay transparency laws, IronArch includes a salary range in our job descriptions to support equity and transparency in our hiring process. The compensation range provided reflects what we reasonably expect to offer for this role, with the final offer determined by a variety of factors including skills, experience, and scope of responsibilities.