Cybersecurity Analyst (Remote)

Oxley Enterprises®, Inc.

$90K — $118K *
US-AnywhereRemote in Stafford, VA
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 5+ years in cybersecurity and information assurance
  • Bachelor's Degree in cybersecurity, IT, or related field
  • CompTIA Security+ or CAP certification preferred
  • Strong experience with POA&M creation and management
  • Proven ability with TRM submissions
  • Experience supporting federal agencies
  • Excellent verbal and written communication skills

Responsibilities

  • Manage and track POA&Ms within ServiceNow
  • Draft and maintain TRM submissions and documentation
  • Submit and manage Business Partner Extranet connection requests
  • Ensure POA&Ms are closed when no longer relevant or mitigated
  • Catalog BPE connections and manage their updates
  • Report issues affecting TRM authorization timelines
  • Contribute updates to monthly RMF and ATO status reports

Benefits

  • Medical, dental, vision, and prescription drug coverage for you and your family
  • Life Insurance and disability coverage paid for by the Company
  • Optional supplemental coverages like Accident and Critical Illness
  • Additional life insurance for you and your dependents
  • 401k plan with various options for retirement savings
Full Job Description
The following states/districts are excluded from this job ad: AK, CA, CO, CT, DC, HI, LA, MA, MN, MO, NE, NV, NH, NJ, NM, NY, ND, OR, PR, RI, VT, WA, WY

Future Need - Actively Interviewing

Location: Remote in any United States jurisdiction not excluded from this job advertisement.

Protect the compliance posture of a mission-critical Department of Veterans Affairs (VA) cloud platform. As a Cybersecurity Analyst, you will manage Plan of Action and Milestones (POA&Ms), Technical Reference Model (TRM) submissions, and security documentation across hundreds of applications in a multi-tenant Amazon Web Services (AWS) GovCloud environment.

Position Description: The Cybersecurity Analyst manages POA&M tracking, TRM submissions, Business Partner Extranet (BPE) connection management, and supports security documentation for the platform.

Minimum/General Experience: 5 years of experience in cybersecurity and information assurance

Minimum Education: Bachelor's Degree in cybersecurity, information technology, or related field; CompTIA Security+ or Certified Authorization Professional (CAP) certification (preferred)

Essential Skills/Qualifications:
  • Excellent experience creating and maintaining POA&Ms (e.g., periodic review, milestone updates, and mitigation plan detail)
  • Excellent ability to ensure POA&M alignment to National Institute of Standards and Technology (NIST) security control families and Control Correlation Identifiers (CCI)
  • Excellent experience drafting and maintaining TRM submissions
  • Excellent ability to submit and maintain Business Partner Extranet (BPE) connection requests (e.g., information gathering, request submission, and BPE admin team coordination)
  • Excellent knowledge of POA&M closure criteria
  • Above average experience maintaining security documentation (e.g., Security Impact Analysis (SIA), Information System Vulnerability Management Plan (ISVMP), Privacy Impact Assessment (PIA), Privacy Threshold Analysis (PTA), and Configuration Management Plan artifacts)
  • Experience supporting a federal agency
  • Excellent verbal and written communication skills

General Physical Requirements needed to perform the essential functions of this job may vary based on the location of the assignment.
  • Assignment Location - Remote
  • Sedentary Work - Exerting up to 10 pounds of force occasionally and/or a negligible amount of force frequently or constantly to lift, carry, push, pull or otherwise move objects.
  • Typing, communicating, repetitive motions.
  • Close visual acuity to prepare and analyze data, view computer monitors and read. May need to view presentation screens and other visual aids in a virtual setting.
  • Inside environmental conditions with protection from outside elements.

Security: Active Federal Civilian Public Trust clearance
  • U.S. Citizenship or Permanent Resident that has lived in the United States for at least 3 years

Federal Civilian Public Trust Consists of a review of up to but not limited to:
  • Covers 10 year period and in some instances lifetime events
  • OPM Security Investigations Index (SII)
  • DOD Defense Central Investigations Index (DCII)
  • National Agency Check (NAC) records
  • FBI name check
  • FBI fingerprint check
  • Credit report check
  • Written inquiries to previous employers and references listed on the application for employment
  • Potential interviews with the subject, spouse, neighbors, supervisor, coworkers
  • Law enforcement check
  • Court records check
  • Education check - Attendance and Degrees


Tasks/activities include, but are not limited to:
  • Creates and maintains POA&M within ServiceNow (SNOW) Continuous Authorization Monitoring (CAM) ensuring proper alignment to relevant NIST security control families and CCI
  • Drafts and maintains POA&M verbiage aligning with findings and clearly depicting mitigation strategy and timeline as required by the portfolio Information System Owner
  • Ensures POA&Ms are closed out once overcome by events (OBE), mitigated, or no longer relevant to the system to which they are assigned
  • Drafts justification verbiage and attends TRM approval board meetings for software and application usage requests; submits requests for TRM entry removal as usage becomes unneeded
  • Submits and maintains BPE connection requests including information gathering and staffing all required BPE admin team meetings
  • Catalogs and maintains a complete list of all BPE connections used within the platform and manages removal of connections no longer needed
  • Maintains and updates security documentation including SIA, ISVMP, PIA, PTA, and Configuration Management Plan artifacts for hosted applications
  • Reports issues and approaching TRM authorization ends with potential to affect managed applications to the appropriate portfolio Information System Owner
  • Contributes POA&M status, TRM activity, and BPE connection updates to the monthly RMF, security, and Authorization to Operate (ATO) status report

Compensation & Benefits: The annual projected pay range for this position is $90,897 - $118,016 with consideration being given to various factors including but not limited to qualifications, experience, job responsibilities, and geographic location.

Oxley Enterprises, Inc. offers a full array of benefits including:
  • Medical, dental, vision and prescription drug coverage for you and your family.
  • Life Insurance, short-term disability and long-term disability paid for by the Company.
  • Supplemental coverages including Accident, Critical Illness, and Hospital.
  • Additional Life insurance coverage for you and your dependents.
  • 401k plan with various options to select based on your retirement goals.

Similar Jobs

More Jobs at Oxley Enterprises®, Inc.

More Information Technology Jobs

Find similar Cybersecurity Analyst (Remote) jobs: