{"id":916,"date":"2025-12-25T05:56:21","date_gmt":"2025-12-25T05:56:21","guid":{"rendered":"https:\/\/skillbasedmatching.com\/jobs\/?post_type=jobpost&#038;p=916"},"modified":"2025-12-25T05:56:25","modified_gmt":"2025-12-25T05:56:25","slug":"information-assurance-cyber-security-analyst","status":"publish","type":"jobpost","link":"https:\/\/skillbasedmatching.com\/jobs\/current-jobs\/information-assurance-cyber-security-analyst\/","title":{"rendered":"Information Assurance Cyber Security Analyst"},"content":{"rendered":"\n<p>\u200bThis is a <strong>Senior-level, Remote<\/strong> role (previously active as of Dec 15, 2025) requiring <strong>10 years of experience<\/strong>. The position is heavily focused on the <strong>Risk Management Framework (RMF)<\/strong> and the <strong>Authorization to Operate (ATO)<\/strong> process. While no initial clearance is required, you must be a U.S. citizen capable of obtaining a <strong>Public Trust<\/strong> clearance, specifically aligned with <strong>Department of Veterans Affairs (VA)<\/strong> guidelines.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u200b<strong>Requisition ID:<\/strong> 2511716<\/li>\n\n\n\n<li>\u200b<strong>Location:<\/strong> Remote (Texas, US)<\/li>\n\n\n\n<li>\u200b<strong>Salary Range:<\/strong> $40,001 &#8211; $80,000 (Note: This is an unusually low estimate for a 10-year senior role; the &#8220;target&#8221; may be subject to adjustment based on experience).<\/li>\n\n\n\n<li>\u200b<strong>Core Tech\/Frameworks:<\/strong> NIST RMF, NIST SP 800-53 Rev 4, eMASS, VA 6500.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">\u200bKey Responsibilities: Governance and Risk Management<\/h2>\n\n\n\n<p>\u200bThis role is less about &#8220;hacking&#8221; and more about the &#8220;Assurance&#8221; side of security\u2014ensuring that systems are legally and technically authorized to handle government data.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u200bThe RMF and ATO Process<\/h3>\n\n\n\n<p>\u200bYour primary duty is navigating systems through the <strong>NIST Risk Management Framework (RMF)<\/strong> to achieve an <strong>Authorization to Operate (ATO)<\/strong>. This is a rigorous 7-step process where you categorize the system, select and implement security controls, and then have those controls assessed by a third party. You will likely use <strong>eMASS<\/strong> (Enterprise Mission Assurance Support Service), the standard automated tool used by the DoD and VA to track these requirements.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u200bControl Assessment and Compliance<\/h3>\n\n\n\n<p>\u200bYou will be responsible for <strong>NIST SP 800-53 Rev 4<\/strong> compliance. This involves performing self-assessments of security controls to identify gaps. You will work on <strong>SCA (Security Control Assessments)<\/strong> and support third-party audits. A critical part of this is documenting everything\u2014creating and maintaining the System Security Plan (SSP), policies, procedures, and POA&amp;Ms (Plan of Action and Milestones) to track vulnerability remediation.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u200bVA-Specific Standards (VA 6500)<\/h3>\n\n\n\n<p>\u200bBecause this role supports the Department of Veterans Affairs, you must be familiar with <strong>VA 6500<\/strong>, which is the VA&#8217;s specific Information Security Program. This handbook adapts NIST standards to the unique needs of veteran data and healthcare privacy, adding another layer of regulatory requirements to your assessments.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">\u200bRequired Qualifications and Skills<\/h2>\n\n\n\n<p>\u200bThis position requires a &#8220;Subject Matter Expert&#8221; level of knowledge in federal cybersecurity regulations.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u200b<strong>Experience:<\/strong> <strong>10 years<\/strong> of relevant experience (8 years can be substituted for a degree).<\/li>\n\n\n\n<li>\u200b<strong>Technical Knowledge:<\/strong> Deep understanding of <strong>NIST 800-53<\/strong> controls and vulnerability management.<\/li>\n\n\n\n<li>\u200b<strong>Tooling:<\/strong> Hands-on experience with GRC (Governance, Risk, and Compliance) tools like <strong>eMASS<\/strong>.<\/li>\n\n\n\n<li>\u200b<strong>Clearance:<\/strong> Must be a U.S. Citizen with the ability to pass a <strong>Public Trust<\/strong> background check.<\/li>\n\n\n\n<li>\u200b<strong>Soft Skills:<\/strong> Ability to foster an inclusive team environment and handle high-pressure tasks simultaneously.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">\u200bPreferred Experience<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u200b<strong>Certifications:<\/strong> <strong>CISSP<\/strong> (highly desired for IA roles) or <strong>OSCP<\/strong> (for those leaning toward the assessment\/technical side).<\/li>\n\n\n\n<li>\u200b<strong>Agency Experience:<\/strong> Prior experience with the <strong>VA or DoD<\/strong> is a significant advantage.<\/li>\n\n\n\n<li>\u200b<strong>Engineering Breadth:<\/strong> Familiarity with network topologies, <strong>PKI (Public Key Infrastructure)<\/strong>, and intrusion detection systems.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">\u200bSummary of Role Impact<\/h2>\n\n\n\n<p>\u200bInformation Assurance Analysts are the &#8220;gatekeepers&#8221; of federal systems. Without your work on the RMF and ATO process, mission-critical applications\u2014including those used to provide healthcare to veterans\u2014cannot legally go live. Your expertise ensures that malicious actors cannot exploit gaps in system documentation or configuration, keeping the Department of Veterans Affairs resilient against evolving cyber threats.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u200bThis is a Senior-level, Remote role (previously active as of Dec 15, 2025) requiring 10 years of experience. The position is heavily focused on the Risk Management Framework (RMF) and the Authorization to Operate (ATO) process. While no initial clearance is required, you must be a U.S. citizen capable of obtaining a Public Trust clearance, [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"menu_order":0,"template":"","jobpost_category":[43],"jobpost_job_type":[39],"jobpost_location":[1041],"jobpost_tag":[3909,3176,3908,4145,1231,1230,81,1942,820,4146],"class_list":["post-916","jobpost","type-jobpost","status-publish","hentry","jobpost_category-it","jobpost_job_type-remote","jobpost_location-united-states","jobpost_tag-ato","jobpost_tag-cybersecurity-analyst","jobpost_tag-emass","jobpost_tag-information-assurance","jobpost_tag-nist-800-53","jobpost_tag-public-trust","jobpost_tag-remote","jobpost_tag-rmf","jobpost_tag-texas","jobpost_tag-va-6500"],"_links":{"self":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost\/916","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost"}],"about":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/types\/jobpost"}],"author":[{"embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/users\/1"}],"wp:attachment":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/media?parent=916"}],"wp:term":[{"taxonomy":"jobpost_category","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_category?post=916"},{"taxonomy":"jobpost_job_type","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_job_type?post=916"},{"taxonomy":"jobpost_location","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_location?post=916"},{"taxonomy":"jobpost_tag","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_tag?post=916"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}