- Has expertise in and follows NIST 800-53 guidelines and NIST 800-53A security controls assessment practices.
- Expert knowledge of and hands-on experience with FISMA systems, NIST 800-series guidelines, FIPS, C&A requirements and processes, the Continuous Monitoring Framework and its tools, Plan of Action & Milestones (POA&M) policies, and vulnerability/patch management.
- Experience in several of the following areas is required: understanding of business security practices and procedures; knowledge of current security tools available; hardware/software security implementation; different communication protocols; encryption techniques/tools; familiarity with commercial products, and current Internet/EC technology.
- Proficient with vulnerability and scanning tools and well-versed in interpreting risk posture resulting from assessment reports.
- Ability to serve as Information System Security Officer.
Education: Bachelor’s degree or equivalent experience in a related field.
Security Certification(s): CISSP, CISM, CRISC, CISA or ABCP
Required Experience: 8+ years relevant experience.
VariQ is an equal opportunity employer.