Back to jobs

ENTERPRISE RISK ANALYST (REMOTE)

Mks2Technologies
senior€110,000-120,000/year

Job description

<div class="content-intro"><p>MKS2 Technologies, LLC, an award-winning high growth small business, creates innovative and customer-centric technology solutions in the areas of Cyber Security, Instructional Design and Training, Software Engineering and IT Support Services to improve the security and well-being of our clients. Our commitment to excellence and our “Mission First” orientation has resulted in steady growth and an expanding client base across government agencies. We have employees nationwide and for the past three consecutive years were named one of the fastest growing Veteran-owned companies in the nation. Please take a moment to browse through our website and learn more about what it means to serve with MKS2.</p> <hr> <p> </p></div><p></p> <div class="x_elementToProof" data-ogsc="rgb(0, 0, 0)"><strong data-ogsc=""><u data-ogsc="" data-olk-copy-source="MessageBody">Enterprise Risk Analyst</u></strong></div> <div class="x_elementToProof" data-ogsc="rgb(0, 0, 0)"> </div> <div class="x_elementToProof" data-ogsc="rgb(0, 0, 0)"><strong>Pay Rate: </strong>$110,000-$120,000 based on experience - full benefits available </div> <div class="x_elementToProof" data-ogsc="rgb(0, 0, 0)"> </div> <div class="x_elementToProof" data-ogsc="rgb(0, 0, 0)"><strong>Duration: </strong>currently funded through 01/2027 - extension process already ongoing up to 5 years additional </div> <div class="x_elementToProof" data-ogsc="rgb(0, 0, 0)"> </div> <div class="x_elementToProof" data-ogsc="rgb(0, 0, 0)"><strong data-ogsc="">Summary:</strong></div> <div class="x_elementToProof" data-ogsc="rgb(0, 0, 0)">The experienced Risk Analyst role executes the VA Enterprise Risk Analysis process using a custom ERA tool to identify key cyber security risk factors in network connected medical devices and Special Purpose Systems (e.g., building automation systems, physical security systems, operational technology). These risk factors are summarized, evaluated, and reported using quantitative and qualitative scores to provide a VA authorizing official with awareness of the residual cyber risk prior to connecting these devices to the VA network. The Risk Analyst must acquire, review and leverage system documentation and data gathered through questionnaires and interviews with customers in the field and vendor/manufacturer representatives to accurately document critical security posture elements in a common reporting format. These elements include hardware/software inventory, communications profile, system interconnections, data types and stores, and the presence or lack of security controls, settings and mechanisms for a given device type. The Risk Analyst performs annual reviews to support effective continuous monitoring and to ensure documented residual risks are current, accurate, and complete. The analyst works within a Risk Management team and is expected to collaborate with Federal and contractor team mates to achieve best outcomes for the ERA process.</div> <div class="x_elementToProof" data-ogsc="rgb(0, 0, 0)"> </div> <div class="x_elementToProof" data-ogsc="rgb(0, 0, 0)"><strong data-ogsc="">You Have:</strong></div> <ul> <li data-ogsc="rgb(0, 0, 0)"> <div class="x_elementToProof" data-ogsc="">Experience with Cybersecurity, risk management, or risk assessment for complex systems</div> </li> <li data-ogsc="rgb(0, 0, 0)"> <div class="x_elementToProof" data-ogsc="">Experience with NIST SP 800-53 and NIST SP 800-30</div> </li> <li data-ogsc="rgb(0, 0, 0)"> <div class="x_elementToProof" data-ogsc="">Experience with documenting and depicting network topology and network protocols</div> </li> <li data-ogsc="rgb(0, 0, 0)"> <div class="x_elementToProof" data-ogsc="">Ability to engage directly with clients, and third parties to facilitate enterprise risk analysis</div> </li> <li data-ogsc="rgb(0, 0, 0)"> <div class="x_elementToProof" data-ogsc="">Ability to obtain and maintain a Public Trust or Suitability/Fitness determination based on client requirements</div> </li> <li data-ogsc="rgb(0, 0, 0)"> <div class="x_elementToProof" data-ogsc="">Bachelor’s degree in Computer Science, Mathematics, Engineering or technical discipline and 10 years of relevant work experience or 18 years of relevant work experience in lieu of degree</div> </li> </ul> <div class="x_elementToProof" data-ogsc="rgb(0, 0, 0)"><strong data-ogsc="">Nice If You Have:</strong></div> <ul> <li data-ogsc="rgb(0, 0, 0)"> <div class="x_elementToProof" data-ogsc="">Experience with cybersecurity analysis of medical technology or Internet of Things (IoT)</div> </li> <li data-ogsc="rgb(0, 0, 0)"> <div class="x_elementToProof" data-ogsc="">Experience with Governance, Risk, and Compliance (GRC)</div> </li> <li data-ogsc="rgb(0, 0, 0)"> <div class="x_elementToProof" data-ogsc="">Experience with Assessment and Authorization (A&amp;A) and eMASS</div> </li> <li data-ogsc="rgb(0, 0, 0)"> <div class="x_elementToProof" data-ogsc="">Experience with Excel and Visio</div> </li> <li data-ogsc="rgb(0, 0, 0)"> <div class="x_elementToProof" data-ogsc="">CompTIA Security+ or Certified Risk Management Professional (CRISC) or Certified in Risk and Information Systems Control (CRISC)</div> </li> <li data-ogsc="rgb(0, 0, 0)"> <div class="x_elementToProof" data-ogsc="">Public Trust clearance</div> </li> </ul> <p></p> <p> </p><div class="content-conclusion"><hr> <p> </p> <p>Diversity creates a healthier atmosphere: MKS2 Technologies is proud to be an Equal Employment Opportunity / Affirmative Action employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law.</p></div>