VariQ has an exciting opportunity for a highly qualified Cybersecurity Specialist to support our client in Denver and other states West of CO.
Ensuring that Stakeholders adhere to Federal Information Assurance policies and procedures to acquire and maintain an Information System's Authority to Operate (ATO) under The Federal Information Security Management Act (FISMA).
Following NIST 800-53 guidelines and NIST 800-53a security controls assessment practices
Guide systems engineering design and development toward a "baked-in" security design using Information Assurance best practices as well as DOI-specific policies and guidelines
Expert knowledge and hands-on experience with FISMA Systems, NIST 800-series guidelines, FIPS, C&A requirements and processes, Continuous Monitoring Framework experience and its tools, Plan of Action & Milestones (POA&M) policies, and vulnerability/patch management
Proficient with vulnerability and scanning tools and well-versed in interpreting risk posture resulting from assessment reports.
Experience in project management and tracking, and the Microsoft suite of office products
Following IAPS processes regarding people management and project management (performance management, planning, scheduling, etc.)
Guide engineering development for the security design using IA enabled products
Maintain up to date documents such as procedures, work instructions, plans and manuals
Risk assessment experience, especially with NIST 800-53 Threat identification, system security categorization, gap analysis, compliance reporting
security plan knowledge and creation experience a definite plus
Knowledge of and experience with quality assurance and continuous monitoring
Experience working in SCIF a plus
Knowledge of INFOSEC Assessment Methodology/Evaluation Methodology (NSA IAM/NSA IEM)
contribute to the accuracy and efficiency of analysis operations through technical innovation, procedural refinement, training of analysts and analyst oversight
Accountable for the real-time analysis, commentary and handling of security events
Demonstrate the analysis system and analyst capabilities
5+ years of experience in computer science or cyber-related field
One of the following certifications preferred, or individual should be willing to complete within 6 months of hire: CISSP, CAP
Experience using scanning tools/devices
occasional travel May be required
VariQ is an equal opportunity employer.