VariQ has an exciting opportunity for a highly qualified Security Analyst II / Security Specialist to support our client in Denver, CO.
Role: As the Security Analyst II (SA) for this engagement, the successful candidate will serve as a member of the technical staff supporting our federal client in the cybersecurity domain. The work will focus on federal information and cybersecurity doctrine, including FISMA and the NIST issuances. Our client’s FISMA compliance program is risk-based (in agreement with NIST issuances), with a lifecycle that leads to and sustains ATOs. Like most federal agencies, our client is constantly improving and refining systems, developing and deploying new systems, refreshing technologies, and incorporating new products as the IT market advances. Simultaneously, our client must address the ever-evolving threat landscape, changes in statute, standards, and regulations, and the continuous adaptation of their information security program to provide appropriate, cost-effective security in the midst of all of these factors.
All members of the team are required to learn and support the various aspects of the work required under this task. The client has licensed the CSAM as a FISMA/SA&A support tool, primarily for use in POA&M and System Security Plan elements as well as general security reporting and tracking. The client must also submit the customary CyberScope data, including PMC, CAP, and FISMA inventory information. Our client is currently sustaining a FISMA portfolio of approximately 30 Systems with at least an annual update to the SSP, All 30 systems each year require new or heavily updated SSPs. Our client uses the traditional per-system SSP model, as well as program-level SSPs that support reuse and common control inheritance. Many of our client’s applications are being moved to the cloud, using the government’s FedRAMP program. Compliance with the least-privilege control requirement is accomplished, in part, by periodic revalidation that user access to SBU/CUI is required due to need-to-know/need-for-duty.
As our Security Analyst II, you will be a key technical member of the team, charged with sustaining and evolving the specified elements of the SA&A program, including the processes and tools employed throughout our client’s FISMA compliance program.
The successful candidate will:
Required Experience and Abilities:
VariQ is an equal opportunity employer.