Maveris is an IT and cybersecurity services company committed to helping organizations create secure digital solutions to accelerate their mission. We are Veteran-owned and proud to serve customers across the Federal Government and private sector. We have an opening for a full-time,
Risk Management Analyst to join our talented, dynamic team in support of the Department of Veterans Affairs (VA).
Veterans are encouraged to apply.
Duties
As a Risk Management Analyst, you will be trusted to support the delivery of our cybersecurity solutions and services. In this role, you will be a part of a risk review team working on the tasks outlined below:
- Conduct independent risk reviews of VA information technology (IT) systems, according to NIST Risk Management Framework (RMF) Authorize Step guidelines, to determine security and privacy risk based on system operation and make recommendations to authorizing officials regarding Authority to Operate (ATO) decisions.
- Complete Risk Review checklists and prepare Authorization Packages to inform risk analysis, determination, responses, and reporting.
- Review NIST RMF security and privacy controls and control enhancements employed within or inherited by an IT system to determine compliance for critical controls as they relate to key security concerns.
- Review all relevant security documentation associated with an IT system to identify missing, expired, or incomplete artifacts.
- Review technical scan reports to identify and summarize vulnerability findings, remediation activities, and associated POA&Ms.
- Create Risk Review reports and presentation materials offering risk recommendations based on test results, compliance data and government defined policies and regulations.
Requirements
- Bachelor's degree in Cybersecurity, Information Technology, or equivalent technical discipline is required.
- Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- Knowledge of system and application security threats and vulnerabilities.
- Knowledge of Personally Identifiable Information (PII), Payment Card Industry (PCI), and Personal Health Information (PHI) data security standards.
- Experience with eMASS or equivalent GRC platform.
- Experience with Cybersecurity policy, risk management, and threat mitigation.
- Experience with NIST Special Publications 800-37 (RMF) and 800-53 (Security and Privacy Controls).
- Certifications such as SCA and CISA are a plus.
- Exceptional written and verbal communication skills.
- Strong planning, organizational, and time management skills.
- Exceptional analytical and conceptual thinking skills.
- Ability to work collaboratively with a team of peers.
Benefits
Maveris attracts and retains talent of the highest caliber by offering opportunities to work in exciting and challenging environments surrounded by bright minds. Our employees are our most prized asset and are rewarded with highly competitive compensation and a top-tier benefits package, including:
- 401(k) with company contribution
- Dental Insurance
- Health Insurance
- Vision Insurance
- Life Insurance
- Paid Time Off
About Maveris
Maveris offers exceptional, mission-focused solutions to organizations facing highly complex IT, digital, and cyber security challenges. Our success is achieved by maintaining an environment of trust where people are encouraged to reach their fullest potential. Every candidate that applies to Maveris brings something unique to the table, and because our team is diverse, we consistently meet our goals and exceed client expectations. If you are a highly-motivated person with a willingness to learn, we invite you to apply today to join our team!
To Learn More About Employee Benefits Visit Www.maveris.com.
For company updates and the latest job postings check us out on LinkedIn.
If you'd like to read about some of our research and projects head over to Maveris Labs.
Want a more behind the scenes view? Check out our blog Maveris Insights to learn more about the team behind the solutions.
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity or expression, pregnancy, age, national origin, disability status, genetic information, protected veteran status, or any other characteristic protected by law.