Senior Security Controls Assessment (SCA) Engineer

Job ID
# of Openings
IT Security
Work Authorization
US Citizens, preferred


VariQ has an exciting opportunity for a highly qualified Senior Security Controls Assessment (SCA) Engineer to support the CMS project in Maryland.


Additional Information:

  • LocationBaltimore, MD with 35% travel component
  • Salary: Dependent upon experience
  • Security Clearance: None
  • Available: ASAP


The individual will perform security testing and security control assessments on federal applications to ensure compliance with the NIST 800-53a and agency specific requirements. The position will also require the ability to technically assess both application and general support system security configurations and implementation. The candidate will have had prior experience working with a wide variety of technologies, be well versed in the current state of Information Security, and be able to interpret the requirements of relevant governing bodies (NIST, OMB, GAO, etc). The individual will be required to interface with federal employees and contractors to perform the security assessment activities. Additionally, this individual is responsible for assisting in the presentation of the vulnerability findings to the client. The ideal candidate will have prior experience performing full scope Risk Management processes for a federal client, to include Certification and Accreditation (C&A), FISMA Self Assessments, Technical Assessments (Vulnerability analysis, penetration testing), and Risk Assessments.


Required Skills:

  • 8+ years Sr. Level knowledge and understanding of NIST 800-53 and FISMA
  • 8+ years prior experience performing system testing (security or functional)
  • Security Professional Certification (CISSP, CISA, CISM, GSEC)
  • 8+ years of Information Technology experience
  • 5+ years of experience with Information Security
  • Bachelor's degree in information technology related field
  • 8+ years of professional experience with 4-8 years of technical security assessment experience will be considered in lieu of a 4-year degree
  • 3+ years “hands-on” technical experience in one of the following disciplines application development, software engineering, system administration, network administration or database administration experience
  • Vulnerability scanning and analysis experience
  • Excellent technical writing skills and attention to detail
  • Exceptional communication skills
  • Strong leadership and organizational skills
  • Excellent facilitation skills and ability to lead group discussions
  • Experience in mentoring and coaching staff
  • This work will require up to 35% of travel in the Continental US.


Desired Skills:

  • Web application assessments
  • Security architecture and design
  • Security awareness and training
  • Identity and access management
  • Advanced technical degree
  • Project planning and scheduling
  • Experience in speaking or presenting at national and local security conferences and events




VariQ is an equal opportunity employer.



Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed