Sierra7

Apply for this job

Security Analyst (Information Technology)



Sierra7, Inc. is seeking a skilled Security Analyst to provide cybersecurity, compliance, and risk management support for the Department of Veterans Affairs (VA) Application Packaging for Windows Client Operating System initiative. This role will ensure that all application packaging, testing, and deployment activities comply with VA security policies, Federal standards, and enterprise risk management frameworks. The Security Analyst role will focus on security assessment, vulnerability analysis, and compliance verification to safeguard VA enterprise systems and data.

This is an onsite position with work to be performed at VA facilities located in Albany, New York.

Position Responsibilities:
Support security reviews and risk assessments of packaged applications prior to deployment into VAs Windows client environments.
Analyze application packaging outputs for compliance with VA cybersecurity requirements, including secure coding and configuration baselines.
Validate that third-party security fixes and patches (e.g., Microsoft OS patches, Adobe updates) do not negatively affect system security or stability before deployment.
Identify vulnerabilities, misconfigurations, or policy gaps and provide remediation recommendations to packaging and engineering teams.
Ensure packaged applications align with Federal Information Security Modernization Act (FISMA), VA security directives, and NIST standards.
Work with developers, testers, and deployment teams to integrate security controls throughout the packaging lifecycle.
Assist in documenting security artifacts, test results, and compliance evidence for Authority to Operate (ATO) and VA audit requirements.
Track and monitor security incidents, escalations, and corrective actions related to packaged applications.
Collaborate with VA Information System Security Officers (ISSOs), project managers, and stakeholders to ensure timely resolution of security issues.
Stay current on emerging threats, vulnerabilities, and VA-specific security guidance relevant to Windows operating systems and packaged applications.

Apply

Apply Here done