Posted today
Public Trust
Unspecified
Unspecified
IT - Security
Remote/Hybrid• (Off-Site/Hybrid)
Security Engineer
Location Remote
Job Code 25-099
# of Openings 1
At Technatomy, we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customer's success. We provide solutions to agencies and entities including the Department of Veterans Affairs, Department of Defense, Defense Logistics Agency, National Institute of Health, and more. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. Our Mission, Vision, and Values guide the way we do business.
If this sounds like an environment where you can thrive, keep reading !
As part of the EASS eCMS program supporting modernization and sustainment of VA acquisition systems, the Security Engineer implements, validates, and monitors security controls while supporting the full Assessment and Authorization (A&A) lifecycle required to obtain and maintain Authority to Operate (ATO). This role performs vulnerability assessments, manages POA&Ms, prepares ATO artifacts, and ensures continuous alignment with NIST SP 800-53, FISMA, VA cybersecurity policies, and ongoing compliance activities essential for secure and compliant system operations.
DUTIES AND RESPONSIBILITIES:
• Develop, update, and maintain security documentation required for the ATO package, including Security Plans, A&A artifacts, and control implementation evidence.
• Conduct monthly and annual security scans, analyze results, and generate written findings to support remediation and continuous monitoring requirements.
• Support preparation and submission of full ATO packages, ensuring that documentation, evidence, and control responses meet VA requirements.
• Monitor vulnerability scan outputs and coordinate remediation activities across development, operations, and security teams.
• Create, maintain, and update Plan of Action and Milestones (POA&Ms), ensuring timely remediation of vulnerabilities and accurate monthly reporting.
• Participate in ATO and A&A briefings, providing status updates, artifact reviews, and documented assessments of system security posture.
• Support cloud-related ATO requirements and provide inputs to VA Enterprise Cloud (VAEC) security assessments.
• Perform annual security audits and prepare audit reports aligning to VA continuous monitoring requirements.
• Identify, document, and communicate system security risks and recommend mitigation strategies aligned with federal cybersecurity standards.
• Review system changes to assess security impacts and verify the correct implementation of inherited, shared, and system-level controls.
• Collaborate with development, operations, architecture, and configuration management teams to ensure secure integration and support secure SDLC practices.
• Support incident response by assisting in investigations, documenting findings, and providing vulnerability-related analysis.
KNOWLEDGE AND SKILLS REQUIRED:
• Minimum of five (5) years of experience in cybersecurity engineering, A&A support, or federal information security operations.
• Experience supporting ATO preparation, continuous monitoring activities, and POA&M lifecycle management.
• Knowledge of NIST SP 800-53, Risk Management Framework (RMF), FISMA, and related federal cybersecurity standards.
• Experience performing vulnerability scanning and interpreting technical results for remediation planning.
• Ability to prepare and maintain ATO documentation and control evidence packages.
• Strong analytical, communication, and documentation skills.
KNOWLEDGE AND SKILLS DESIRED:
• Experience working with Federal agencies, particularly the Department of Veterans Affairs.
• Experience with VA cybersecurity processes, VAEC cloud security requirements, and OIT continuous monitoring expectations.
• Experience preparing A&A artifacts such as Security Plans, Contingency Plans, and Incident Response Plans.
• Familiarity with environments built on Azure, .NET, SQL Server, IIS, and related enterprise technologies.
EDUCATION:
• Bachelor's degree in Computer Science, Engineering, or a related discipline, or equivalent experience.
CLEARANCE:
• Must be able to obtain and maintain a Public Trust clearance.
WORK LOCATION:
• Remote
As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.
This position requires U.S. citizenship or Green Card.
This position is contingent upon contract award.
Technatomy Corporation is an Equal Opportunity Employer. It is the policy of Technatomy Corporation to afford equal employment opportunity regardless of race, color, religion, national origin, sex, age, marital status, disability or veteran status, or any other status protected by applicable law.
Location Remote
Job Code 25-099
# of Openings 1
At Technatomy, we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customer's success. We provide solutions to agencies and entities including the Department of Veterans Affairs, Department of Defense, Defense Logistics Agency, National Institute of Health, and more. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. Our Mission, Vision, and Values guide the way we do business.
If this sounds like an environment where you can thrive, keep reading !
As part of the EASS eCMS program supporting modernization and sustainment of VA acquisition systems, the Security Engineer implements, validates, and monitors security controls while supporting the full Assessment and Authorization (A&A) lifecycle required to obtain and maintain Authority to Operate (ATO). This role performs vulnerability assessments, manages POA&Ms, prepares ATO artifacts, and ensures continuous alignment with NIST SP 800-53, FISMA, VA cybersecurity policies, and ongoing compliance activities essential for secure and compliant system operations.
DUTIES AND RESPONSIBILITIES:
• Develop, update, and maintain security documentation required for the ATO package, including Security Plans, A&A artifacts, and control implementation evidence.
• Conduct monthly and annual security scans, analyze results, and generate written findings to support remediation and continuous monitoring requirements.
• Support preparation and submission of full ATO packages, ensuring that documentation, evidence, and control responses meet VA requirements.
• Monitor vulnerability scan outputs and coordinate remediation activities across development, operations, and security teams.
• Create, maintain, and update Plan of Action and Milestones (POA&Ms), ensuring timely remediation of vulnerabilities and accurate monthly reporting.
• Participate in ATO and A&A briefings, providing status updates, artifact reviews, and documented assessments of system security posture.
• Support cloud-related ATO requirements and provide inputs to VA Enterprise Cloud (VAEC) security assessments.
• Perform annual security audits and prepare audit reports aligning to VA continuous monitoring requirements.
• Identify, document, and communicate system security risks and recommend mitigation strategies aligned with federal cybersecurity standards.
• Review system changes to assess security impacts and verify the correct implementation of inherited, shared, and system-level controls.
• Collaborate with development, operations, architecture, and configuration management teams to ensure secure integration and support secure SDLC practices.
• Support incident response by assisting in investigations, documenting findings, and providing vulnerability-related analysis.
KNOWLEDGE AND SKILLS REQUIRED:
• Minimum of five (5) years of experience in cybersecurity engineering, A&A support, or federal information security operations.
• Experience supporting ATO preparation, continuous monitoring activities, and POA&M lifecycle management.
• Knowledge of NIST SP 800-53, Risk Management Framework (RMF), FISMA, and related federal cybersecurity standards.
• Experience performing vulnerability scanning and interpreting technical results for remediation planning.
• Ability to prepare and maintain ATO documentation and control evidence packages.
• Strong analytical, communication, and documentation skills.
KNOWLEDGE AND SKILLS DESIRED:
• Experience working with Federal agencies, particularly the Department of Veterans Affairs.
• Experience with VA cybersecurity processes, VAEC cloud security requirements, and OIT continuous monitoring expectations.
• Experience preparing A&A artifacts such as Security Plans, Contingency Plans, and Incident Response Plans.
• Familiarity with environments built on Azure, .NET, SQL Server, IIS, and related enterprise technologies.
EDUCATION:
• Bachelor's degree in Computer Science, Engineering, or a related discipline, or equivalent experience.
CLEARANCE:
• Must be able to obtain and maintain a Public Trust clearance.
WORK LOCATION:
• Remote
As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.
This position requires U.S. citizenship or Green Card.
This position is contingent upon contract award.
Technatomy Corporation is an Equal Opportunity Employer. It is the policy of Technatomy Corporation to afford equal employment opportunity regardless of race, color, religion, national origin, sex, age, marital status, disability or veteran status, or any other status protected by applicable law.
group id: 10181062
