Information Security Compliance and Assessment Specialist
Criterion Systems - Germantown, MD
posted 2 days ago
About the position
At Criterion Systems, we developed a different kind of business-a company whose real value is a reputation for excellence built upon the collective skills, talents, perspectives, and backgrounds of its people. By accepting a position with Criterion Systems, you will join a group of professionals with a collaborative mindset where we share ideas and foster professional development to accomplish our goals. In addition to our great culture, we also offer competitive compensation and benefit packages, company-sponsored team building events, and advancement opportunities. To find out more about how Criterion can help you take your career to the next level please visit our website: www.criterion-sys.com. Criterion Systems is a Military/Veteran Friendly Company therefore we encourage Veterans to apply.
Responsibilities
- Ensuring the implementation of DOE and NNSA cyber security policies and procedures for information systems
- Performing process and system evaluations (assessments) to ensure compliance with established policies, processes, procedures, and applicable standards
- Validating security control assessments results
- Performing a variety of technical and administrative activities related to the function of QA (auditing), including, but not limited to, scheduling, checklist development, report writing, facilitating root cause/lessons learned analysis, and internal/external presentations
- Compiling, analyzing, and reporting on findings of non-compliance and providing recommendations for improvement
- Capturing and maintaining plans of action and milestones on findings of non-compliance
- Tracking and escalating unresolved non-compliance issues and corrective and preventative action plans to closure
- Validating cyber security tests and assessments are conducted in accordance with established policies and procedures
- Formally and informally presents information in group and individual settings
Requirements
- U.S. Citizenship (NO dual-citizenship)
- Bachelor's Degree in a related field with appropriate background and knowledge of current industry technologies/standards for enterprise networks. Prior experience in information security/information assurance roles in may be substituted for education requirements (e.g., implementing and managing FISMA, FedRAMP, DoDI 8500.2, HIPAA, or PCI requirements)
- Five (5) years of related work experience
- Applicable certification or the ability to obtain it within 6 months; the Information Security Compliance and Assessment Specialist maps to the NICE Cybersecurity Workforce Framework role of Mission Assessment Specialist
- Experience with NIST SP 800-53, Risk Management Framework (RMF), and security assessment tools
- Demonstrated knowledge and/or experience with Operating System, Virtualization, and Networking technologies
- Must be able to demonstrate specialized experience applying the principles, practices, and techniques used by information systems security personnel
- Proficiency with Microsoft Office products (Word, Outlook, Excel, PowerPoint, and SharePoint)
- Must have strong attention to detail
- Effective verbal and written communication and presentation skills
- Strong planning, organizational, and time management skills
- Demonstrated initiative and ability to work independently, as well as strong interpersonal skills that foster the ability to work effectively on teams, communicate effectively
Benefits
- Medical
- Dental
- Vision
- Life Insurance
- Short-Term Disability
- Long-Term Disability
- 401(k) match
- Tuition/Training Assistance
- Parental Leave
- Paid Time Off
- Holidays
