Information Assurance/Lead System Security Specialist

Job ID
# of Openings
IT Security
Work Authorization
US Citizens, preferred


VariQ’s Cybersecurity Line of Business is seeking future team members with strong cybersecurity skills in the areas of security assessments, continuous monitoring, and privacy program support for a financial services sector client. This highly visible, critical-infrastructure-related work includes performing security and privacy compliance work as well as consulting with the client on emerging programs such as the Risk Management Framework and Continuous Diagnostics and Mitigation (CDM).


Additional Information:

  • Location: Washington, DC
  • Salary: Dependent upon experience
  • Security Clearance: Secret clearance is preferred
  • Available: within 30 days


Serve as the Team Lead overseeing a team of IA specialists responsible for multiple security compliance activities, while also leading assessment activities and interfacing directly with key customer stakeholders.


Key Responsibilities: 

  • Assist in performing assessments, complete assessment plans, and create/update System Security Plans (SSPs) and Security Assessment Reports (SARs).
  • Coordinate, facilitate, and assist with key meetings with the customer, which may include up to 20 stakeholders.
  • Help complete client deliverables within strict project timelines and show the ability to manage time wisely across multiple assessments and assignments at once.
  • Perform quality evaluations of information system security controls in accordance with NIST 800-53 and 800-137.
  • Work with the customer and with system and application teams to resolve issues, answer questions, and collect evidence related to the assessment of security controls.
  • Participate in Continuous Monitoring initiatives which may include: Standard Operating Procedure updates, template updates, training content updates, and development of scripts for calls and test cases for assessments.


Experience with the following:

  • Security Assessment and Authorization (SA&A) activities
  • Plan of Action and Milestones (POA&M) management
  • Risk Management Framework (RMF) implementation
  • Continuous Monitoring planning and implementation
  • Privacy Threshold Assessment/Privacy Impact Assessment development
  • System Security Lifecycle Support
  • Privacy Program Support/Privacy Controls Implementation



One of the following:




  • Experience securing Industrial Control Systems (ICS) / Supervisory Control and Data Acquisition (SCADA) systems is a plus.



VariQ is an equal opportunity employer.

