Job Closed
This listing is no longer active.
LTS, a multi-ISO/CMMI Level 3 award-winning company, delivers first-class secure software lifecycle development, IT systems integration, program management, and intelligence commun
Cyber Security Analyst
Location
United States
Posted
104 days ago
Salary
$85K - $95K / year
Seniority
Senior
Job Description
Cyber Security Analyst
LTS
• Support cybersecurity efforts across multiple projects within a portfolio setting and proactively monitor upcoming cyber priorities across the VA Health portfolio. • Communicate and provide consultative support on the VA on matters related to system security certification & accreditation and Authority to Operate (ATO). • Coordinate and lead security and privacy activities within project teams and develop security and privacy related artifacts. • Review and identified system/applications security controls in accordance with NIST SP-800 53 Rev 5 guidance and VA Handbook 6500. • Responsible for on time deliverables of assigned and related security and privacy artifacts. • Must be able to identify and mitigate risks to the program. • Demonstrated experience in a remote work environment. • Ability to proactively communicate and coordinate with various internal and external project stakeholders, depending on needs. • Identifying and communicate symptoms for process improvement. • Ability to work independently with minimal guidance and supervision • Participate in support activities related to the integration of security architecture & engineering efforts in the SDLC IT lifecycle • Support a team of other cyber security professionals • Support Application development/maintenance and IT operations with Agile practices • Build and develop cyber security related artifacts • Resolve requests for assistance in troubleshooting issues • Participate in new and existing IT modernization, expansion, and improvement of security architecture and engineering projects support enterprise operations • Support ATO, and the VA ISSO in support of ATCs, ATOs, REEF, ServiceNow, GRC Tool and other security tracking systems. • Typical tasks for this role include but are not limited to: • Authority-to-Operate (ATO) & Authority to Connect (ATC) remediation efforts • Participate in mandated Security Control Assessments and Hight Value Assets Audits • System scans and audit preparation • Assist with contingency, incident response and disaster plans creation as well as testing of these plans. • ServiceNOW updates, and reporting • SOP Creation and Updating • Ability to effectively manage POAMs from creation to closure • PIA (Privacy Impact Analysis) and PTA (Privacy Threshold Analysis) Documentation • Program and administrative support (ATO notes, reports, org/role documentation, etc.) • Actively engaged with development teams in assisting with ATO process and providing required ATO artifacts • Ad hoc remediation response support • Communications support
Job Requirements
- Bachelor’s Degree in Business Administration, Business Management, Computer Science, Information Systems, Operations Research, or related fields, plus 5 years of experience; 5 additional years of experience can be substituted for the degree requirement
- U.S citizenship is required.
- Strong understanding and hands-on experience working with Federal Information Security Management Act (FISMA), NIST-800-53 guidance, HIPAA, and HITECH Act.
- Must have experience achieving an ATO for projects within the VA or other Federal Agencies.
- Experience supporting Information Assurance Certification and Accreditation (C&A) and associated IA processes, procedures, and activities with capability and expertise to implement applicable NIST and CNSS IA directives, instructions, guidelines
- Ticketing systems experience such as ServiceNow
- Experience in collaborating with other enterprise technologists both internal and external to resolve complex technical issues
- Ability to work both independently with minimal guidance and to supervise and lead collaborations with project team members, program customers, and program and external stakeholders on behalf of the VA Technical Lead. This position requires significant hands-on work execution by the candidate.
- Demonstrated experience in a remote work environment.
- Ability to proactively communicate and coordinate with various internal and external project stakeholders, depending on needs.
- Security+ or other applicable certification
- Experience applying security engineering concepts, processes, practices, and procedures on technical assignments, working with several different mission applications
- Analytical and investigation skills
- Experience with the VA Risk and Governance Tool
Benefits
- Health insurance
- 401(k) matching
- Comprehensive benefits for you and your family
- Access to cutting-edge tools and technologies
Related Guides
Related Categories
Related Job Pages
More Security Analyst Jobs
Senior Security Analyst
spiderSilkspiderSilk delivers tip of the spear threat detection technology for the public and private sectors, globally.
• Design and implement security automation systems, reducing manual workloads and accelerating detection and response. • Leverage Open-Source Intelligence (OSINT) techniques for threat hunting, investigations, and exposure analysis. • Collaborate with engineering and security teams to integrate automated solutions into production environments. • Support incident response and remediation efforts by providing research-driven insights and automated tooling. • Continuously evaluate and deploy emerging security tools, frameworks, and AI/automation technologies.
• Monitor security tools and investigate alerts across network, system, and cloud environments • Lead investigation and response for security incidents, including containment and remediation • Conduct vulnerability assessments and support penetration testing activities • Perform risk analysis and document findings with clear remediation plans • Develop and maintain runbooks, playbooks, and security procedures • Improve detection logic and response workflows based on emerging threats • Research new threats and recommend practical countermeasures • Prepare clear reports and brief stakeholders on incidents and risk trends • Mentor junior analysts and review investigative work for quality and accuracy • Support security audits and compliance activities as assigned
Analista de Segurança da Informação
CapptaAlcance novos horizontes conectando seu negócio a nossa Plataforma White Label de Tecnologia e Serviços Financeiros 🚀
• Experiência comprovada com segurança de sistemas e infraestrutura; • Habilidades "hands-on" para configurar e manter ferramentas de segurança, incluindo firewall, WAFs, sistemas de detecção e prevenção de intrusões (IDS/IPS), antivírus, api gateway e monitoramento de redes; • Monitoramento e investigação de alertas em ferramentas como SIEM e EDR; • Análise de eventos e tentativa de exploração de aplicações e infraestrutura; • Gestão e tratamento de vulnerabilidades (identificação, priorização e acompanhamento de correções); • Análise de código sob a perspectiva de segurança; • Participação em processos de due diligence de segurança em fornecedores; • Apoio na resposta a incidentes e investigação de possíveis comprometimentos; • Habilidade para desenvolver e documentar políticas, diretrizes e manuais de segurança; • Proposição de melhorias em processos e controles.
• Lead Incident Response efforts for corporate, cloud, and product environments, including investigation, containment, eradication, and recovery. • Perform threat hunting across endpoints, networks, and cloud workloads to proactively identify indicators of compromise, emerging threats, and control gaps. • Conduct cloud incident response for AWS, Azure, and GCP, and other cloud environments including Kubernetes and containerized workloads, performing log analysis, identity compromise investigations, and workload forensics. • Drive product security incident response, collaborating with engineering teams to analyze potential exposure to vulnerabilities, exploits, and security flaws in NVIDIA products. • Perform digital forensics and malware analysis to support investigations and root cause analysis. • Develop and optimize security orchestration and automation playbooks in partnership with Security Engineering to accelerate detection and response. • Build and refine detections and defense strategies based on threat models and attacker behaviors across cloud, identity, endpoint, and product telemetry, using frameworks such as MITRE ATT&CK to map adversary tactics and enhance detection coverage. • Provide guidance to engineering and business teams on secure design and incident handling standards and contribute to security policies, standards, and metrics to continuously improve NVIDIA’s security posture.
