Cyber Security Subject Matter Expert

Summary

Join VetsEZ as a Cyber Security SME on a remote team supporting a Department of Veterans Affairs (VA) project. The ideal candidate possesses extensive experience in cybersecurity, DLP tools, network topologies, intrusion detection, and Zero Trust Architecture, along with experience designing and implementing systems meeting agency cybersecurity policies and regulations. Responsibilities include identifying security risks, improving security architecture, managing data security, modernizing DLP solutions, implementing cybersecurity requirements, and maintaining knowledge of security policies and safeguards. The role also involves leading security control compliance assessments, providing subject matter expertise, and developing POA&Ms. The position requires a Bachelor's degree in a related field, 8+ years of cybersecurity experience at a large government agency, and 5+ years of experience with DLP solutions. Additional qualifications include the ability to obtain a government clearance and relevant certifications.

Requirements

• Bachelor's Degree in Computer Science, Electronics Engineering, or other engineering/technical discipline
• 8+ years of applicable experience in Cybersecurity and Cloud Security experience at a large Government agency similar in size/scope to GSA, IRS, DoD, or VA
• 5+ years’ experience: Architect, engineer, develop, deploy, and administer Data Loss Prevention solutions
• Expertise in MITRE Adversarial Tactics, Techniques, and Common Knowledge Framework
• Hands-on experience with CASB, DLP, Web Proxy, SIEM, CSPM, File and Removable media protection tools (FRP)
• Hands-on experience with Data Classification policies and technologies to address data leakage

Responsibilities

• Identifying security risks, improving security architecture designs, and managing the security of data at rest and in motion
• Lead initiative to modernize DLP solution, removing on-premises dependencies and introducing new capabilities
• Implement cybersecurity requirements for IT systems and applications, documenting them in formal security engineering documents using the Risk Management Framework
• Maintain a working knowledge of system functions, security policies, technical security safeguards, and operational security measures
• Lead the identification and assessment of Information Technology (IT) security control compliance of information technology and assessing information security risks within a broader enterprise risk management program
• Provide subject matter expertise, direction, guidance, tracking, and support on cyber security, risk management, continuous monitoring, security Assessment and Authorization (A&A), and business processes that support a metric-driven environment
• Develop, maintain, and update Plans of Action and Milestones (POA&M) to identify system weaknesses, mitigation, and timelines for applying corrective actions

Preferred Qualifications

• Ability to obtain a government clearance
• Experience in the VA or other health-related organizations desired
• One or more of the following: certifications: CISSP, CISA, CISM, CRISC

Benefits

• Medical/Dental/Vision
• 401k with Employer Match
• PTO + Federal Holidays
• Corporate Laptop
• Training opportunities
• Remote Opportunity