GovCIO is currently hiring for RES Cyber Engineer to support the eVA Authority to Operation process. This position will be a fully remote position within the United States.
Responsibilities
Develop and maintain portions of ATO documentation such as SSP control narratives, RA inputs, IRP/ISCP sections, and configuration management artifacts.
Manage day‑to‑day updates in eMASS including POA&M edits, control evidence uploads, package preparation, and workflow tracking with moderate independence.
Support Continuous Monitoring activities by updating ServiceNow CAM dashboards, analyzing control status, and assisting in monthly/quarterly reporting.
Coordinate vulnerability scans and perform preliminary analysis to identify potential weaknesses.
Participate in security audits and assessments by assembling evidence, drafting responses, and executing assigned tasks.
Contribute to risk assessments by identifying gaps, summarizing findings, and proposing initial remediation recommendations.
Assist in planning and conducting IRP/ISCP/DRP tabletop exercises; update plans based on observed results.
Work with cross‑functional partners to support alignment of engineering, security, and privacy requirements.
Draft SOPs, workflows, and documentation to improve security processes.
Develop proficiency with VA cybersecurity frameworks, GRC requirements, and system boundary documentation.
Qualifications
Required Skills and Experience
Bachelor’s degree in Computer Science, Cyber Security, Information Systems, or equivalent experience.
2–5 years of hands‑on cybersecurity or GRC experience supporting ATO or compliance activities.
Working knowledge of RMF, NIST SP 800‑53 controls, and federal security requirements.
Experience using eMASS, GRC tools, or vulnerability management platforms.
Ability to analyze security findings, interpret scan results, and document remediation steps.
Strong writing ability for security documentation.
Strong attention to detail and organizational skills.
Effective communication and collaboration skills across technical and non‑technical teams.
Preferred Skills and Experience
Experience with Jira, Confluence, and Microsoft 365.
Experience supporting VA cybersecurity programs or other federal clients.
Certifications such as Security+, CAP, CISA (in progress), or similar.
Experience with or interest in AI‑assisted automation for evidence review and control mapping.
Regulation Knowledge
FISMA, FedRAMP
NIST SP 800‑53 Rev 4/5
NIST SP 800‑37 RMF
VA Directive 6500 and VA RMF processes
Clearance Required:
Ability to obtain and maintain Suitability for Public Trust clearance
Posted Salary Range
USD $95,000.00 - USD $113,000.00 /Yr.
Apply To This Job