9th Way Insignia is a service-disabled, veteran-owned small business bringing transformative technology to government customers. The Business Analyst / ATO Support Analyst role supports the VA Office of Academic Affiliations, focusing on business requirements gathering, system documentation, and ATO maintenance for the DMC application portfolio.
Responsibilities:
- Elicit, analyze, and document business requirements from OAA stakeholders and translate them into actionable technical requirements
- Serve as the bridge between Government stakeholders, the Program Manager, and the development team
- Maintain ATO artifacts, including System Security Plan (SSP) updates, control narratives, POA&M tracking, and scan evidence
- Ensure ATO artifacts remain current within timeframes specified by the VA Information Security Knowledge Service
- Support sustainment of the active VA umbrella ATO (FIPS 199 Moderate) throughout the period of performance
- Develop and maintain system documentation, process flows, wireframes, site diagrams, and user-facing job aids
- Support Section 508 compliance documentation and accessibility conformance reporting
- Track and report on requirements, deliverables, and compliance status; contribute to the Quarterly Progress Report
- Coordinate with the Data Governance / Data Manager on data definitions and reporting requirements
- Participate in recurring working sessions and ad-hoc meetings with OAA leadership and VA stakeholders
Requirements:
- Bachelor's degree in Business Administration, Information Systems, Computer Science, or a related field. No equivalencies or substitutions for the degree requirement will be accepted
- Four (4) or more years of experience in business analysis, system documentation, and security compliance support
- Familiarity with VA ATO/RMF processes and NIST security standards
- Demonstrated experience maintaining security compliance artifacts (SSP, POA&M, control narratives)
- Strong written communication and stakeholder-facing skills
- Must have resided continuously in the United States for the past 36 months
- U.S. Citizenship required
- Security or audit-related certifications (e.g., CISSP, CAP, Security+)
- Direct experience with VA ATO processes and the VA Information Security Knowledge Service
- Experience supporting federal agencies or large enterprise environments
- Familiarity with Agile delivery methods and Azure DevOps
- Experience with Section 508 conformance documentation (ACR/VPAT)