Enterprise Risk Analyst

Who We Are

Known for being a Best Place to Work and a People First company, IronArch Technology is an award-winning Service-Disabled Veteran-Owned Small Business (SDVOSB) specializing in providing innovative solutions and world class services to Federal Government clients.

Our employees have voted us as a 'Best Place to Work' 9 times and we are an INC 5000 recipient for being one of the fastest growing businesses in the United States.

Our Values: People First, Servant Leadership, Deliver and Inspire Excellence, Do the right thing!

What You'll Do

The Enterprise Risk Analyst role executes the VA Enterprise Risk Analysis process using a custom ERA tool to identify key cyber security risk factors in network connected medical devices and Special Purpose Systems (e.g., building automation systems, physical security systems, operational technology). These risk factors are summarized, evaluated, and reported using quantitative and qualitative scores to provide a VA authorizing official with awareness of the residual cyber risk prior to connecting these devices to the VA network. The Risk Analyst must acquire, review and leverage system documentation and data gathered through questionnaires and interviews with customers in the field and vendor/manufacturer representatives to accurately document critical security posture elements in a common reporting format. These elements include hardware/software inventory, communications profile, system interconnections, data types and stores, and the presence or lack of security controls, settings and mechanisms for a given device type. The analyst works within the Specialized Device Cybersecurity Department Risk Management team and is expected to collaborate with Federal and contractor team mates to achieve best outcomes for the ERA process.

• Experience with Cybersecurity, risk management, or risk assessment for complex systems
• Experience with NIST SP 800-53 and NIST SP 800-30
• Experience with documenting and depicting network topology and network protocols
• Ability to engage directly with clients, and third parties to facilitate enterprise risk analysis
• Ability to obtain and maintain a Public Trust Clearance or Suitability/Fitness determination based on client requirements
• Bachelor's degree in computer science, Electronics Engineering, or technical equivalent and 10 years of professional experience or a total of 18 years in lieu of education

Preferred Experience

• Experience with cybersecurity analysis of medical technology or Internet of Things (IoT)
• Experience with Governance, Risk, and Compliance (GRC)
• Experience with Assessment and Authorization (A&A) and eMASS
• Experience with Excel and Visio
• CompTIA Security+ or Certified Risk Management Professional (CRISC) or Certified in Risk and Information Systems Control (CRISC)

(#LI-remote)

Why IronArch Technology?

• Awarded Best Place to Work 9 times!
• Competitive compensation and market-leading bonus opportunities
• Medical, dental and vision benefits where a significant portion of the premium is subsidized by IronArch. For qualifying high deductible health plans, IronArch also contributes towards a Health Reimbursement Account to cover eligible medical expenses
• Company-provided healthcare concierge assistance to help explain your coverage in plain language; help you find, choose, and schedule quality care; and address billing, benefit, or claims concerns, potentially saving hours of your time
• 401(k) retirement plan where the company contributes dollar for dollar up to 3 percent, and 50 cents on the dollar for the 4th and 5th percent with immediate entry and immediate vesting
• 20 days of PTO accumulated per calendar year
• 11paid holidays
• Bereavement, jury duty, parental (maternity/paternity/adoption), and military leaves
• Sabbatical programs
• Company-paid short- and long-term disability
• Company-paid life insurance
• Voluntary life, accidental and indemnity income replacement benefits
• Professional development reimbursement
• Health club reimbursement
• Matching donation program and annual philanthropic activities
• Pet insurance
• And more!

Apply today to learn why IronArch Technology has been recognized as "Best Place to Work" for 9 years!

IronArch Technology is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law.

In alignment with applicable state and local pay transparency laws, IronArch includes a salary range in our job descriptions to support equity and transparency in our hiring process. The compensation range provided reflects what we reasonably expect to offer for this role, with the final offer determined by a variety of factors including skills, experience, and scope of responsibilities.