Job Description

WE'RE STILL HIRING AND FOCUSED ON EXPANDING DIVERSITY IN THE WORKPLACE AND HELPING OUR VETERANS!

KEY SKILLS: AUTHORIZATION TO OPERATION (ATO), AUTHORIZATION TO CONNECT (ATC), VA EMASS SYSTEM, CYBER SECURITY SUBJECT MATTER EXPERT (SME)

Note - this is an on-site position near the White House. Near term telework due to COVID-19 but on-site afterward.

Support the Department of Veterans Affairs (VA) Electronic Health Record Modernization (EHRM) program. Serve on a team of cybersecurity personnel who are working to manage an interagency system. Lead the team to support interagency (VA-DoD) change and configuration management and support to interagency cyber processes. Supports FEHRM processes and rollout.

The ATO/ATC/eMASS Cyber Security subject matter expert (SME) will work on implementing complex health care modernization project requirements with knowledge of the Department of Defense (DoD) and Department of Veteran's Affairs (VA). A successful candidate will have experience assisting the delivery of complex Information Technology related projects, be well versed in life cycle and project management methodologies, and have experience in communicating with a diverse set of stakeholders. Specific strengths include understanding security topics related to network, data, complex technical relationships (internal and external), industry and government security requirements, managing through interim states, project-based dependencies, and risks. This role will help understand and define requirements, communicate complex detail to other stakeholders, review technical artifacts, and oversee delivery.

A successful candidate can either be of the project manager discipline (e.g. PMP) with strong cybersecurity work experience or a direct cybersecurity expert (e.g. CISSP) that also has strong work experience in the Department of Defense (DoD) or at the Department of Veteran Affairs (VA). Act as a senior cybersecurity professional by providing guidance in the modification and review of existing ATO documentation and proactively providing insights into the documentation packets for ATOs and ATC for interagency (VA-DoD) systems and hardware based on VA and Defense Health Agency (DHA) requirements. Provide guidance and mentorship to team members and stakeholders on an appropriate approach to authorizing solutions.

Elentic prides itself on being a risk-focused company and as such key success criteria are being able to identify and mitigate risks. We believe that this is best accomplished through transparent and open and honest communication. Therefore, a successful candidate will be a strong team player and able to communicate information (i.e. security requirements, risks and issues, and understand impact) across a multidisciplinary team of internal and external stakeholders.

​RESPONSIBILITIES:

• Act as the technical subject matter expert for a project manager or a project manager for a subject matter expert
• Able to support all aspects of Cybersecurity across a vast array of IT systems involving end-user as well as enterprise-level networks.
• Able to design, review, test, or otherwise assist teams in implementing systems that meet governmental agency Cybersecurity policy and regulations.
• Able to plan, design, and oversee deployment of complex enterprise-wide or large-scale assessment and authorization (A&A) packages including computer hardware and software; Ports, Protocols and Services (PPS), Plan of Action and Milestones (POA&M), network topologies, vulnerability scans, and test plans
• Able to ensure that systems meet authorization standards for both the VA and DHA; assist with the documentation of deviations in the POA&M, as appropriate
• Provide guidance and assistance regarding Cybersecurity tools, network topologies, intrusion detection, PKI, and secured networks.
• Able to logically define milestones, deliverables, and collaborate with project managers on dependencies, resources, and timelines.
• Able to identify project risk and mitigation strategies, solutions, and plans.
• Able to understand, assess, and assure quality standards for projects are met.
• Know and apply cybersecurity standards, best practices, and methodologies associated with the VA, DoD, and Healthcare industry

EXPERIENCE REQUIRED:

• Knowledge of VA and DoD Cybersecurity policies and ATO/ATC processes
• Experience with DoD Risk Vison or VA eMASS
• Experience managing security aspects of Information Technology related projects.
• Well versed in lifecycle and project management methodologies.
• Experience in tracking costs, schedule, and performance progress.
• Able to identify and mitigate risks
• Bachelor's Degree in Engineering, Computer Science, Systems, Business or related scientific and/or technical discipline.
• 10 years of additional relevant experience may be substituted for education
• At least 10 years experience working within the project management or cybersecurity discipline

EXPERIENCE PREFERRED:

• Holds one of the following certifications (CISSP, Security+, CISM, OSCP, DoDAF, TOGAF, FedRamp, NIST 800-53, HIPPA HITECH)
• Experience with Cybersecurity principles and controls
• Experience with security documentation (either development or overseeing the development of) such as Authority to Operate/ Connect
• Experience in the concepts, terms, processes, policy and implementation of information security
• Experience and knowledge of the latest security measures at all stages of an information system life cycle
• Ability to understand and differentiate between critical and non-critical systems and networks
• Ability to articulate and demonstrate proficiency in all steps of the Risk Management Framework
• Knowledge of System Security Plans (SSP)
• Experience with mentoring cybersecurity personnel on technical topics such as the Risk Management Framework (RMF) and A&A
• Experience with Configuration and Change Management processes, including Change Control Boards
• Experience in the Department of Affairs (VA) or Departement of Defense (DoD)
• Familiarity with the Defense Health Agency (DHA) requirements
• Experience implementing or integrating Electronic Health Records (EHR)
• Experience working within the Health care field or transformational project
• Must be flexible enough to work within multiple SDLC methodologies: Agile and Waterfall

Elentic provides equal employment and advancement opportunities to all individuals. Employment decisions at Elentic will be based on performance, qualifications, abilities, education, and experience. Elentic does not discriminate in employment opportunities or practices on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, physical or mental disability, genetic information, marital status, amnesty or status as a covered veteran in accordance with applicable federal, state and local laws. Elentic complies with any applicable state and local laws governing nondiscrimination in employment.

Company Description

Elentic is a consultancy with a team of Healthcare and PMI certified project managers and technical architects that specialize in transformational change. • Architect, plan, manage and implement transformational or critical technology projects • Align effort with organizational priorities and architectural, application, and data strategy • Protect established service level agreements by testing functional and non-functional requirements • Efficiently conduct low-impact implementation events through proper risk mitigation, communication, vendor partnering and waved implementation events (i.e. comprehensive go-live command center driven events) • Ensure compliance with corporate and government standards and policies