Cyber Security Analyst

TL;DR

Cyber Security Analyst (VA Federal): Implementing and maintaining security posture for VA enterprise systems and data with an accent on compliance with federal standards, vulnerability management, and ATO processes. Focus on conducting vulnerability scanning, penetration testing, incident response, and developing A&A artifacts in a DevSecOps environment.

Location: Full-time remote (Arlington, VA; requires ability to obtain Public Trust Clearance)

Salary: $103,000 - $118,000 a year

Company

hirify.global drives innovative solutions for complex challenges in financial management, healthcare, and government industries with a client-first approach and rapid implementation of pragmatic solutions.

What you will do

• Perform vulnerability scanning, penetration testing, code review, and remediation per NIST SP 800-53 standards.
• Develop and maintain A&A artifacts like security plans, risk assessments, and POA&Ms for ATO submissions.
• Respond to security incidents, analyze events, and report within strict timeframes.
• Ensure compliance with Federal, VA, FISMA, NIST, HIPAA, and privacy directives.
• Coordinate with VA staff for system migration, deployment, and security control implementation.
• Monitor security KPIs, apply patches, and contribute to incident response documentation and process improvements.

Requirements

• Bachelor's degree in Cybersecurity, Computer Science, IT, or related; equivalent experience considered
• Minimum 10 years in cyber security operations, risk assessment, vulnerability management, or compliance
• Demonstrated knowledge of federal cybersecurity standards
• Experience with vulnerability assessments, penetration testing, and security control testing
• Familiarity with SAST tools (e.g., Fortify), penetration testing suites, SIEM platforms
• Experience supporting ATO/A&A processes and DevSecOps practices
• Ability to obtain Public Trust Clearance

Nice to have

• Familiarity with VA GRC tools and workflows
• Experience with cloud security and FedRAMP (AWS, Azure)
• Expertise in application security, code quality in agile environments, and CI/CD pipelines
• Advanced knowledge of tools like Jenkins, GitHub, SonarQube, AppDynamics

Culture & Benefits

• Health, dental, vision plans; optional FSA
• Safe Harbor 401(k) with 100% vested employer contributions from day 1
• Paid time off, 11 paid holidays, paid parental leave
• No cost group term life/AD&D; optional supplemental coverage, pet insurance
• Monthly phone/internet stipend, tuition/training reimbursement
• Supportive work/life balance