VariQ has an exciting opportunity for a highly qualified System Analyst II to support the SEC in Washington, DC.
Role: The successful candidate will serve as a member of the technical staff supporting our federal client in the cybersecurity domain. The work will focus on federal information and cybersecurity doctrine, including FISMA and the NIST issuances. Our client’s FISMA compliance program is risk-based (in agreement with NIST issuances), with a lifecycle that leads to and sustains ATOs. Like most federal agencies, our client is constantly improving and refining systems, developing and deploying new systems, refreshing technologies, and incorporating new products as the IT market advances. Simultaneously, our client must address the ever-evolving threat landscape, changes in statute, standards, and regulations, and the continuous adaptation of their information security program to provide appropriate, cost-effective security in the midst of all of these factors.
The successful candidate will be a member of an established and successful team that is already supporting our client. Our expertise, commitment to quality, and insightful consulting has led the client to request even more support from VariQ, and we are looking for two additional members to join our team (one senior, and one junior). Our team is supported by a part-time program manager (who will handle finances, and minor oversight to ensure that client needs are being met), and a part-time technical writer (who will help with QA on deliverables). Thus, these positions require self-motivated, educated, and mature candidates who are comfortable with working with minimal supervision.
All members of the team are required to learn and support the various aspects of the work required under this task. The client has licensed the RSA Archer™ product as a FISMA/SA&A support tool, primarily for use in POA&M (~300 plans) and ISA/MOU (~30) management, as well as general security reporting and tracking. Our client is currently sustaining a FISMA portfolio of approximately 100 systems, with a mix of general support as well as major/minor application systems.
As our Senior Security Specialist or Security Analyst II, you will be a key technical member of the team, charged with sustaining and evolving the specified elements of the SA&A program, including the processes and tools employed throughout our client’s FISMA compliance program.
The successful candidate will:
Required Experience and Abilities:
Years of Experience:
For the Senior Security Specialist/ISSO position, at least six years of federal information security experience. At least three years involving the SA&A and security planning processes, as well as the POA&M management process.
For the Security Analyst/ISSO position, at least three years of federal information security experience. At least 18 months involving the SA&A and security planning processes, as well as the POA&M management process.
Candidates must hold one or more of the following certifications (or equivalents): Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), and/or CompTIA Security+.
VariQ is an equal opportunity employer.