{"id":922,"date":"2025-12-25T06:24:06","date_gmt":"2025-12-25T06:24:06","guid":{"rendered":"https:\/\/skillbasedmatching.com\/jobs\/?post_type=jobpost&#038;p=922"},"modified":"2025-12-25T06:24:09","modified_gmt":"2025-12-25T06:24:09","slug":"cyber-security-analyst-lts-remote","status":"publish","type":"jobpost","link":"https:\/\/skillbasedmatching.com\/jobs\/current-jobs\/cyber-security-analyst-lts-remote\/","title":{"rendered":"Cyber Security Analyst \u2013 LTS (Remote)"},"content":{"rendered":"\n<p>\u200bThis is a <strong>Senior-level, 100% Remote<\/strong> position supporting the <strong>Department of Veterans Affairs (VA) Health Portfolio<\/strong>. LTS is looking for a practitioner who specializes in federal compliance and &#8220;Security-as-a-Service&#8221; within a PMO (Program Management Office) structure. Your primary objective is ensuring that VA health IT projects\u2014which manage sensitive Veteran health data\u2014achieve and maintain their <strong>Authority to Operate (ATO)<\/strong> while following the VA\u2019s unique <strong>Veteran-Focused Integration Process (VIP)<\/strong>.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u200b<strong>Job Code:<\/strong> 2943<\/li>\n\n\n\n<li>\u200b<strong>Location:<\/strong> Remote<\/li>\n\n\n\n<li>\u200b<strong>Clearance\/Trust:<\/strong> Requires ability to work within VA Health Portfolio guidelines (typically Public Trust or Secret).<\/li>\n\n\n\n<li>\u200b<strong>Core Frameworks:<\/strong> NIST SP 800-53 Rev 4, VA Handbook 6500, HIPAA, and HITECH.<\/li>\n\n\n\n<li>\u200b<strong>Key Methodology:<\/strong> VA VIP (Agile-based) and NIST RMF.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">\u200bKey Responsibilities: ATO Success &amp; Portfolio Governance<\/h2>\n\n\n\n<p>\u200bThis role acts as a bridge between high-level policy and technical implementation across multiple health-related IT projects.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u200b1. Security Certification &amp; ATO Remediation<\/h3>\n\n\n\n<p>\u200bYou will lead the efforts to secure <strong>Authority to Operate (ATO)<\/strong> and <strong>Authority to Connect (ATC)<\/strong> for various applications. This is not just documentation; it involves active remediation. You will identify security gaps through system scans and audits, then work with development teams to fix them. You&#8217;ll be a power user of the <strong>ServiceNow (SNOW) CAM<\/strong> and GRC tools to track these vulnerabilities.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u200b2. Artifact Development &amp; Privacy<\/h3>\n\n\n\n<p>\u200bA significant portion of the role involves building the &#8220;Body of Evidence&#8221; for security. This includes creating <strong>System Security Plans (SSP)<\/strong>, <strong>Privacy Impact Analyses (PIA)<\/strong>, and <strong>Privacy Threshold Analyses (PTA)<\/strong>. Given the &#8220;Health&#8221; focus of the portfolio, you must ensure all artifacts comply with <strong>HIPAA<\/strong> and the <strong>HITECH Act<\/strong> regarding the protection of Electronic Health Records (EHR).<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u200b3. Integration with Agile &amp; VIP<\/h3>\n\n\n\n<p>\u200bThe VA uses the <strong>Veteran-Focused Integration Process (VIP)<\/strong>, an Agile-based framework. You will participate in Scrum ceremonies and integrate security architecture and engineering efforts directly into the <strong>Software Development Life Cycle (SDLC)<\/strong>. This ensures security is &#8220;baked in&#8221; rather than &#8220;bolted on&#8221; at the end of a project.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">\u200bRequired Qualifications and Skills<\/h2>\n\n\n\n<p>\u200bLTS is looking for a &#8220;hands-on&#8221; analyst who has navigated the specific complexities of the VA security environment before.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u200b<strong>Experience:<\/strong> <strong>5 years<\/strong> of experience with a relevant Bachelor\u2019s degree (or 10 years without).<\/li>\n\n\n\n<li>\u200b<strong>Federal Mastery:<\/strong> Deep understanding of <strong>FISMA<\/strong>, NIST 800-53, and the Information Assurance Certification and Accreditation (C&amp;A) process.<\/li>\n\n\n\n<li>\u200b<strong>VA Specifics:<\/strong> Proven experience achieving an ATO within the VA and familiarity with the <strong>VA VIP<\/strong> methodology.<\/li>\n\n\n\n<li>\u200b<strong>Technical Tools:<\/strong> Proficiency in <strong>ServiceNow<\/strong> and GRC tracking systems.<\/li>\n\n\n\n<li>\u200b<strong>Certifications:<\/strong> <strong>Security+<\/strong> is required; <strong>CISSP<\/strong> or <strong>CISM<\/strong> is highly preferred.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">\u200bPreferred &#8220;Deep-Dive&#8221; Skills<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u200b<strong>Cloud &amp; SaaS:<\/strong> Experience with <strong>FedRAMP<\/strong> and achieving ATOs for Cloud\/SaaS applications.<\/li>\n\n\n\n<li>\u200b<strong>Scanning &amp; Analysis:<\/strong> Hands-on time with <strong>ACAS, Nessus, and HBSS<\/strong>.<\/li>\n\n\n\n<li>\u200b<strong>Healthcare Tech:<\/strong> Knowledge of <strong>HL7<\/strong> (Health Level Seven) protocols or experience with <strong>VistA<\/strong> (the VA\u2019s legacy EHR system).<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">\u200bSummary of Role Impact<\/h2>\n\n\n\n<p>\u200bWithin the VA Health Portfolio, the stakes are literal lives. If a security vulnerability delays an ATO, Veterans may lose access to critical digital health services. In this role, your expertise in the <strong>VA Risk and Governance Tool<\/strong> and your ability to coordinate across stakeholders ensures that innovation in Veteran healthcare doesn&#8217;t come at the cost of data privacy. You are the guardian of the &#8220;mission-critical&#8221; systems that keep the VA Health mission moving.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u200bThis is a Senior-level, 100% Remote position supporting the Department of Veterans Affairs (VA) Health Portfolio. LTS is looking for a practitioner who specializes in federal compliance and &#8220;Security-as-a-Service&#8221; within a PMO (Program Management Office) structure. Your primary objective is ensuring that VA health IT projects\u2014which manage sensitive Veteran health data\u2014achieve and maintain their Authority [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"menu_order":0,"template":"","jobpost_category":[43],"jobpost_job_type":[39],"jobpost_location":[],"jobpost_tag":[3909,4158,1553,995,4160,1231,81,964,4159,4162,4161],"class_list":["post-922","jobpost","type-jobpost","status-publish","hentry","jobpost_category-it","jobpost_job_type-remote","jobpost_tag-ato","jobpost_tag-cyber-security-analyst","jobpost_tag-fedramp","jobpost_tag-hipaa","jobpost_tag-lts","jobpost_tag-nist-800-53","jobpost_tag-remote","jobpost_tag-servicenow","jobpost_tag-va-health","jobpost_tag-vip-methodology","jobpost_tag-vista"],"_links":{"self":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost\/922","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost"}],"about":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/types\/jobpost"}],"author":[{"embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/users\/1"}],"wp:attachment":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/media?parent=922"}],"wp:term":[{"taxonomy":"jobpost_category","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_category?post=922"},{"taxonomy":"jobpost_job_type","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_job_type?post=922"},{"taxonomy":"jobpost_location","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_location?post=922"},{"taxonomy":"jobpost_tag","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_tag?post=922"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}