Abacus Solutions Group: We're built on our shared core values! We are difference-makers, passionate about serving, we work hard with integrity and do the right thing. Difference makers means that we look at every opportunity as a chance to make a difference. Passionate about serving means that we are always looking for ways to serve our customers and coworkers. Working hard and doing the right thing with integrity means that for every decision we make we 1st ask, "Is the decision consistent with our moral and ethical principles". We hire, review, reward and recognize our teammates based on these characteristics, so it is important that you share these values to be part of the team.
Position Description: We're hiring a Cyber Security Engineer to work with the Veterans Administration (VA) to support the Compliance, Risk and Remediation service line in creating, deploying, and providing support for the Records Management - Metadata Knowledge Repository (RM-MKR). Our team will provide iterative application updates, training, and ATO support to the service line.
Duties and Responsibilities:
ATO Process Management: Lead and support the Authority to Operate (ATO) process for systems, applications, and networks, ensuring compliance with security policies, standards, and regulatory requirements.
Security Assessments: Conduct security assessments, vulnerability scans, penetration testing, and risk assessments to identify security vulnerabilities and risks in systems and applications.
Security Controls Implementation: Implement and configure security controls, encryption mechanisms, access controls, and monitoring tools to protect systems and data from unauthorized access, attacks, and breaches.
Documentation and Reporting: Develop and maintain security documentation, including System Security Plans (SSPs), Security Assessment Reports (SARs), Plan of Action and Milestones (POA&Ms), and other compliance artifacts required for ATO.
Compliance Monitoring: Monitor and track compliance status, security incidents, and remediation efforts, and provide regular updates and reports to stakeholders and leadership.
Security Policies and Procedures: Develop, update, and enforce security policies, procedures, and guidelines in alignment with industry standards (NIST, FISMA, etc.) and organizational requirements.
Incident Response and Mitigation: Participate in incident response activities, investigate security incidents, analyze root causes, and implement corrective actions and mitigation strategies.
Technical Support and Training: Provide technical support, guidance, and training to teams on security best practices, secure coding techniques, and compliance requirements.
Collaboration and Communication: Collaborate with IT teams, developers, system administrators, and third-party vendors to address security concerns, implement security measures, and facilitate the ATO process.
Continuous Improvement: Stay updated with emerging cybersecurity threats, technologies, and trends, and contribute to the continuous improvement of cybersecurity processes, tools, and practices.
Requirements
Required Skills/Knowledge/Experience:
5-8 years experience in cybersecurity, with a focus on ATO support, risk management, compliance, and security assessments.
Strong understanding of cybersecurity principles, frameworks (NIST, FISMA), and regulatory requirements (e.g., FedRAMP, HIPAA, GDPR).
Experience with security assessment tools (e.g., Nessus, Qualys), SIEM solutions, penetration testing tools, and encryption technologies.
Familiarity with cloud security principles and practices (AWS, Azure, etc.) is a plus.
Excellent analytical skills, problem-solving abilities, and attention to detail in assessing and mitigating security risks.
Strong communication, collaboration, and leadership skills, with the ability to work effectively in a team environment and interact with stakeholders at all levels.
Required Education/Certification:
Bachelor's degree in Computer Science, Information Security, or related field; Additional years of experience may be considered in lieu of degree.
Master's Degree preferred.
Relevant certifications such as CISSP, CISM, CEH, Security+, or related certifications are highly desirable.
Clearance / Background investigation:
Position is only open to US Citizens
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.
Pay and Benefits:
Range: $77K-100K
Full benefits package to include medical, dental, employer matching retirement plan, and more!
All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.
