• Information Assurance/Cyber Security Subject Matter Expert

    Job Locations US-DC
    Job ID
    # of Openings
    IT Security
    Work Authorization
    US Citizens, preferred
    Contract - W2
  • Overview

    VariQ is seeking a Moderate Level Information Assurance/Cyber Security Subject Matter Expert to support our client in Washington, DC.


    Additional Information:

    • Available: ASAP
    • Location: St. Elizabeth Campus in DC
    • Security Clearance: Secret clearance is required
    • Salary: dependent upon experience


    • Conducting and maintaining vulnerability scanning on networks, systems and applications
    • Producing actionable, risk-based reports on security assessment results
    • Managing, training and mentoring more junior team members
    • Assisting with vulnerability remediation when necessary
    • Developing and maintaining security plans and security testing plans
    • Deliver expected results based on appropriate FISMA score category targets across 7 of 11 security automation domains for Continuous Monitoring of system risk
    • Report directly to IA SME Lead and assist other security life cycle activities as necessary
    • Direct Recertification & Accreditation activities for 8 (eight) discrete IP-based networks and assist IA SME Lead with managing schedule to completion (ATO)
    • Be responsible and accountable for all task and reporting deadlines
    • Continuously improve risk models, metrics, reports, processes, and activities
    • Manages the security of information systems assets and the protection of systems from intentional or inadvertent access or destruction.
    • Recognizes potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information
    • Interfaces with client to understand their security needs and oversees the development and implementation of procedures to accommodate them.
    • Weighs business needs against security concerns and articulates issues to management and/or customers.
    • Maintains current knowledge of relevant technology as assigned.
    • Provides guidance in the creation and maintenance of Standard Operating Procedures and other similar documentation
    • Participates in special projects as required.
    • Ability to manage vendor relationships and track externally dependent patching activities, driving the threat research life cycle
    • Ability to learn complex computing environments quickly; memorization skills desired
    • Broad understanding of all aspects of IT and enterprise systems interoperability (OSI Model, SDLC, ITIL, etc.)
    • Coordinate with other team (SOC, IR, RMD, Ops, Management, etc.) activities as necessary
    • Managing vulnerability mitigation and information security process in an enterprise environment
    • Proven ability to lead customer-facing reporting and negotiation activities
    • Ability to produce and disseminate reports for vulnerability assessments and compliance reporting


    Education and Experience:

    • Bachelor’s Degree in Computer Science or a related technical discipline, or the equivalent combination of education, technical training, or work experience.
    • 6-8 years of information security management experience, preferably in the DoD/DHS/DOE context
    • Knowledge of network security concepts, best practices and procedures including FISMA/NIST RMF and DITSCAP/DIACAP
    • Knowledge of Windows client/server, *NIX systems, VMWare, networking, VTC/VoIP, device firmware, web/application servers, databases, and network architectures (hands-on preferred; manages highly technical team)


    Required Skills/Experience:  

    • Prior ISSO experience a must
    • Current DHS HQ Entry on Duty (EOD) holders given preference
    • DoD SECRET required
    • Strong communication skills and the ability to work with diverse teams
    • Experience with one or more of the following tools: ArcSight SIEM, Xacta, BMC Automated Discovery, BMC Remedy, BMC Footprints, and Tenable Nessus
    • Previous experience with DHS Regulations 1) 4300 A, B, and C, 2) DHS POA&M Management Framework, or 3) DHS Authorization Data Flow is a plus


    VariQ is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, or protected veteran status.


