Cybersecurity Service Provider (CSSP) Analyst

Criterion Systems - Las Vegas, NV

posted 3 months ago

Full-time - Mid Level
Remote - Las Vegas, NV
Professional, Scientific, and Technical Services

About the position

At Criterion Systems, we developed a different kind of business—a company whose real value is a reputation for excellence built upon the collective skills, talents, perspectives, and backgrounds of its people. By accepting a position with Criterion Systems, you will join a group of professionals with a collaborative mindset where we share ideas and foster professional development to accomplish our goals. In addition to our great culture, we also offer competitive compensation and benefit packages, company-sponsored team building events, and advancement opportunities. To find out more about how Criterion can help you take your career to the next level please visit our website: www.criterion-sys.com. Criterion Systems is a Military/Veteran Friendly Company therefore we encourage Veterans to apply. We are seeking a mission-focused Cybersecurity Service Provider (CSSP) Analyst to support and contribute to our government customer's success in Las Vegas, NV! The CSSP Analyst is responsible for the efficient execution of the CSSP Evaluator Scoring Metrics (ESM). The CSSP Analyst will support control functions, including assisting with planning and analysis of cybersecurity activities. This role involves tracking baselines, reporting on deliverables, and communicating findings. The analyst will identify and prioritize cybersecurity activities, create necessary reports, and perform issue/risk/action item tracking. Additionally, the CSSP Analyst will help develop CSSP artifacts and track historical data, review current status and schedule for forecasting future activities, and ensure compliance with ESM requirements, verifying and documenting results for formal acceptance. The role also includes identifying and proposing solutions for areas of improvement and assisting in developing and issuing pertinent communication to the subscribers and stakeholders.

Responsibilities

  • Tracking of baselines, reporting on deliverables, and communication of findings.
  • Identifying and prioritizing cybersecurity activities.
  • Creating necessary reports.
  • Performing issue/risk/action item tracking.
  • Creating and managing daily task lists of action items and follow-up activities.
  • Helping develop CSSP artifacts and track historical data.
  • Reviewing current status and schedule for forecasting future activities.
  • Monitoring and reporting on progress of subscriber reviews, including timelines and status.
  • Ensuring compliance with ESM requirements, verifying and documenting results for formal acceptance.
  • Identifying and proposing solutions for areas of improvement (continuous process improvement).
  • Assisting the CSSP in developing and issuing pertinent communication to the subscribers and stakeholders.
  • Performing and reviewing vulnerability scans.
  • Tracking vulnerability and compliance trends.

Requirements

  • Bachelor's degree in Computer Science, Business Administration or related degree.
  • Minimum of 6 years related experience.
  • Excellent written, analysis and communications skills - communicate clearly and concisely with diverse audiences and should be comfortable giving and receiving feedback.
  • US Citizenship (no dual citizens).
  • Strong preference for individual with Active Department of Energy (DOE) 'Q' Clearance OR Top Secret Security Clearance OR Secret Clearance; however, those with the ability to obtain a clearance will be considered.
  • Some limited travel required up to 10%.
  • Must be able to work full time onsite with the potential to telecommute one to two days.
  • Must have demonstrated ability to work both independently and collaboratively with CSSP team members, customers and external vendors.
  • Strong experience with features of MS Project, Excel, Visio, SharePoint, and Word.
  • Strong customer-service orientation.
  • Compliance with NICE Framework Work Role ID(s) OM-ANA-001 & PR-CDA-001.
  • Strong knowledge of IT technology and Cybersecurity services.
  • Experience in change and risk management.
  • Analytical skills and problem solving skills needed to manage multiple factors on a project simultaneously.
  • Strong team working skills.
  • Attention to and precision with detail.
  • Energetic with a can-do approach to work, who tracks and follows up on tasks independently, who seeks out additional work, and who recommends ways to improve upon current activities.
  • Developing and reviewing documentation such as policies, procedures, baselines, and risk assessments.
  • Understanding of regulatory compliance.
  • Strong understanding of information system logs for troubleshooting configuration issues.

Nice-to-haves

  • Experience with Tenable Products.
  • Experience with RedSeal including configuration, system scoring, and vulnerability evaluation.
  • Strong understanding of DISA STIG's, NIST Guidelines or other system security and hardening guidance (e.g. SCAP).
  • Familiarity with NIST 800-53, CISA ED's, BOD's, and DoD Instructions and Directives.
  • Ability to obtain Derivative Classifier Certification.
  • SEC+, CISSP, CISM, NICE Framework Work Role ID(s) OM-ANA-001 & PR-CDA-001 certifications a plus.
  • Experience with developing and reviewing Splunk Dashboards.
  • Experience with ticketing systems.

Benefits

  • Disability insurance
  • Health insurance
  • Dental insurance
  • Paid time off
  • Parental leave
  • Vision insurance
  • 401(k) matching
  • Opportunities for advancement
  • Life insurance

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service