VariQ has an exciting opportunity for a highly qualified Compliance Lead to support the DHS effort in Washington, DC.
We are looking for knowledgeable, team-oriented Information Assurance Lead who will apply their skills and experience to support a multi-year DHS customer contract. This position supports an important national security focused customer providing information assurance engineering and administration services to ensure secure, reliable, and uninterrupted availability of this organization’s IT systems and network.
- Ensuring that the architecture and design of information systems are functional and secure.
- Assessing threats to environment and providing input on adequacy of security designs/architectures.
- Designing and developing IA or IA enabled products, interface specifications, and approaches to secure the environment as necessary.
- Participating in risk assessment during the Assessment and Authorization process.
- Ensuring completeness of work and adherence to software development and configuration management plans, requirements specifications, and quality standards.
- Participating in team and client meetings to promote effective project communications code reviews, user demonstrations, etc.
- Supporting test events and working closely with development team to resolve issues as required.
- Responsible for overall IT security for project-related solutions.
- Responsible for system Assessment and Authorization to create and maintain security-related artifacts for existing and new solutions – SSP, SCTM, CONOPS, and relevant appendices development/maintenance, etc.
- Knowledge and ability to perform requirements analysis and system/network security design
- Develop and maintain POA&M for all accepted risks upon completion of system A&A.
- Skill in developing, analyzing, and evaluating information technology and IT security programs to meet requirements and improve the information technology and IT security program for the installation as well as skill in communicating
information technology and IT security requirements, multi-service, and multi-national organizations.
- Manage, monitor, and review security audit and intrusion detection system logs for attacks and anomalies
- Develop security test procedures for project-related solutions
- Periodic vulnerability assessments of system/sub-system components
- IA Policy/procedure development, implementation and enforcement
- Collaborate with Software Engineering Team on aspects of solution design and development; participates in all internal and client reviews.
- Conduct response to security incidents.
- Coordinate with government accreditors for all matters related to system security – scheduling, testing, documentation, etc.
- Application of the Risk Management Framework for National Security Systems
- Develop and execute security control assessments of new and existing information systems
- Support security staff in performing security compliance inspections to include cyber security reviews of existing security authorization packages and continuous monitoring plans
EDUCATION AND EXPERIENCE:
- Typically requires a bachelor's degree or equivalent and seven to nine years related experience.
- Minimum of 6 years in information assurance or information security accrediting information, developing policy, or management of information assurance programs.
- Demonstrated on-the-job experience with risk management methodologies
- Demonstrated on-the-job experience with system configuration, development and design specifically around enterprise and small organizational systems
- Knowledge of cyber security engineering, and experience with Linux, Windows and virtual platforms
- Thrive in an energetic, fast-paced environment - learn and become productive quickly and meet team goals, can-do attitude, able to do what it takes to deliver.
- Demonstrated ability to work as part of an integrated team, as well as independently.
- Strong interpersonal and relationship building skills conducive to team building.
- Familiarity with the Microsoft and Linux desktop
- Ability to obtain a security clearance at the TOP SECRET level or above
- Respond to requests for user support via phone, email, or in person in a professional, confident, and courteous manner
- Critical thinking and problem solving
- Excellent verbal and written communication
- Ability to manage multiple projects in a fast-paced environment
- A passion for building great software packages and pride in the quality of work
- Eight or more years experience with virtual environments
- Eight or more years experience Windows server OR workstation administration
- Experience with Microsoft Hyper-V
- 8+ years of experience designing, developing, configuring, and implementing multiple systems from multiple vendors in
classified government environments.
- Good understanding of established and emerging network technologies
- Experience interacting with senior-level government executives
- Expertise in private cloud implementation and administration.
- Design and management experience with complex PL3 and PL4 information systems
- Demonstrated ability to understand and translate business issues into technical requirements and design specifications
- Current computing environment certification (e.g. MCSA Windows Server 2012, CCNA/CCNP, VCA/VCP, CCA-V/CCPV)
VariQ is an equal opportunity employer.