Cyber Security SME (Remote) at GovCIO in Boise, Idaho, United States Job Description Overview GovCIO is seeking a qualified Cyber Security Subject Matter Expert who is well-versed in security operations, cyber security tools, intrusion detection, and management and administration of secured networks. These skills will be used to lead VHA Finance Product Line compliance with the VA’s Authority to Operate (ATO) processes. Additional responsibilities include ensuring the assurance of security and adherence to regulatory requirements established by the VA. This role will serve as an expert in areas of compliance, risk management, and incident response. The candidate will work with team members to ensure systems adhere to the necessary security requirements and maintain operation status. In addition, the candidate is expected to collaborate with intrusion analysts to identify, report on, and coordinate remediation of cyber threats. This individual is expected to assess the client’s security posture by assessing intrusion signatures, tactics, techniques and procedures associated with preparation for and execution of cyber-attacks. Provides detailed briefings and intelligence reports to leadership. This position will bea fully remoteposition. The core hours of operation will be from Monday through Friday, 8:00 am to 5:00 pm ET. Responsibilities + Perform comprehensive security assessment on all VA systems, applications and network devices for vulnerabilities. + Review and analyze log files to report any unusual or suspect activities. + Utilize incident response use-case workflows to follow established and repeatable processes for triaging and escalating. + Verify compliance of VA systems, applications and network devices meet security standards and compliance requirements (including but not limited to NIST, ISO, HIPAA FIPS, VA 6500, and RMF) + Establish and uphold incident response protocol. + Strong critical decision making skills with regards to documentation process and procedures. + Execute measures to resolve incident responses and alleviate security incidents immediately. + Report incidents and providing detailed information for use in after action reports. + Analyze and correlate incident event data to develop preliminary root cause and corresponding remediation strategy. + Provide technical support for new detection capabilities, recommendations to improve upon existing tools/capabilities to protect the VA network, and assessments. + Manage and assess security patch maintenance with infrastructure team to ensure all To view full details and how to apply, please login or create a Job Seeker account
ISO standards Intrusion Detection System (IDS) Incident response fips security-testing HIPAA logfile requirements-management Root Cause Analysis (RCA) risk management Decision-making Security Administrator Cybersecurity Cyber threats Technical Support Management