Program Manager (Level III)

VariQ is an information security and information technology services company delivering strategic solutions to technology-enabled enterprises. Core competencies include Cyber Security, IT Infrastructure support, and Program Management. VariQ is a Microsoft Gold Partner and a Symantec Platinum Partner.

The Program Manager (PM) is responsible for oversight and management of all Task Order, (TO) activities, to include customer interaction and management, task assignment and delivery, quality control/assurance for all deliverables, task performance and issue/risk resolution, and team management of ISSOs in both the FBI Headquarters space and in regional Field Offices. Additionally, the PM will serve as the Senior ISSO supporting all security responsibilities, for multiple systems and applications within a designated FBI Division. * Organizes, directs, and manages contract operation support functions involving multiple, complex, inter-related project tasks. Interacts with the customer, other stakeholders and contract personnel to formulate and review task plans, maintaining schedules and deliverable items. * Manages and leads teams of contract support personnel at multiple locations across the US. Maintains and manages the client interactions at the senior levels of client organization. * The candidate will have expertise in analyzing and advising on the risk and remediation of security issues based on reports from security assessments, vulnerability assessment scanners, patch management tools, and emerging threat information. * Expertise in supporting and/or conducting the Federal Information Security Management Act (FISMA) audits. Understanding of POA&Ms, SAPs, FISMA and NIST guidelines. * Experience processing applications through the Certification and Accreditation (C&A) and process coordinating and supporting the integration and testing of system level security requirements which may includeresearching, verifying and documenting information security controls in order for the "systems" to be accredited. * Communicate and enforce security policies, procedures and safeguards for all systems and staff, based upon DOJ, FBI, and NIST * Creates and compiles Authorization packages to include: Designation Letters, Security Plans, Contingency Plans, SOPs. * Ensures conformance with program task schedules and costs. Establishes and maintains technical and financial response to show progress of projects to management and the customer.

* Providing Program Management in overseeing schedules of deliverables and ensuring that day to day security is maintained for assigned information systems. * Ensuring all Information Systems (IS)s are operated, maintained, and disposed of in accordance with security policies and practices outlined in the FBI's Information System Security Assessment (ISSA) Handbook and NIST publication series NIST 800-53 * Ensure that all users have the requisite security clearances, authorization, and need-to-know, and are aware of their security responsibilities before they are granted access to the IS * Initiate protective and corrective measures when a security incident or vulnerability is discovered * Monitor system recovery processes and ensure the proper restoration of an IS security features * Ensure Configuration Management (CM) for security-relevant IS software, hardware, and firmware is documented and maintained * Support certification activities throughout the ISSA process (previously known as Certification and Accreditation process); * Ensure that system security requirements are complied with, unless waived during all phases of the system lifecycles * Establish audit trails and ensure their review, and make them available, when required, to the Chief Security Officer (CSO) or the Information System Security Manager (ISSM); * Retain audit logs in accordance with Department of Justice (DOJ), Office of Director of National Intelligence (ODNI) and/or FBI policy * Ensure awareness and precautionary measures are exercised to prevent introduction and/or proliferation of malicious code; manage review and release of media and/or memory components * Ensure general users and privileged users are trained-in the specific knowledge needed for them to safely operate and maintain the ISs to which they have access, including general security awareness and specialized privileged user training * Disseminate, control, and manage the issuance of user identifications and passwords for assigned ISs, and provide authorized lists to appropriate system administrators. * Develop, implement, and enforce information systems security policies. * Maintain System Security Plans (SSPs) and all- other system security documentation * Development of other required system plans: Configuration Management Plan (CMP), Contingency Plan (CP), Continuity of Operations (COOP) and Disaster Recovery Plan (DRP) (as required), and Incident Response Plan (IRP). * Support risk assessment and evaluation activities throughout the Certification and Accreditation (C&A) or site accreditation process. * Able to implement and maintain continuous monitoring, * Establish audit trails, ensuring their review and reporting all identified security findings.

* Active PMP Certification and 5+ years of experience in Program Management is desired * Active Top Secret Clearance required * Currently hold one of the following industry recognized security certifications, CISSP, SANS GIAC Information Security Professional, (GISP), Computer Technology Industry Association, (CompTIA) Advanced Security Practitioner, (CASP) or other certifications exemplifying skill sets such as those described in DoD 8570.1 IAM Level III proficiency. * Experience using and operating security tools such as, but not limited to, Tenable's Nessus and/or Security Center, IBM Guardium, HP WebInspect, or like applications, and Network Mapper, (NMAP). * A Bachelors or Advanced Degree in Computer Science, Cybersecurity, Mathematics, or Engineering is highly desirable; 5-years work experience in a computer science, or cybersecurity related field.