This job is closed
We regret to inform you that the job you were interested in has been closed. Although this specific position is no longer available, we encourage you to continue exploring other opportunities on our job board.
Criterion Systemsposted 6 days ago
$130,000 - $150,000/Yr
Full-time - Mid Level
Hybrid - DC, DC
Professional, Scientific, and Technical Services
About the position
At Criterion Systems, we developed a different kind of business-a company whose real value is a reputation for excellence built upon the collective skills, talents, perspectives, and backgrounds of its people. By accepting a position with Criterion Systems, you will join a group of professionals with a collaborative mindset where we share ideas and foster professional development to accomplish our goals. In addition to our great culture, we also offer competitive compensation and benefit packages, company-sponsored team building events, and advancement opportunities. To find out more about how Criterion can help you take your career to the next level please visit our website: www.criterion-sys.com. Criterion Systems is a Military/Veteran Friendly Company therefore we encourage Veterans to apply.
Responsibilities
- Develop and maintain MARAD's Information System's core security and privacy documentation, in accordance with each phase of the System Development Life Cycle (SDLC) with standardized templates, baseline management with supporting checklists and technical guides, and policies.
- Work with stakeholders to create or update Privacy Threshold Analyses (PTAs) and other privacy documents, FIPS 199 Security Categorization document, control selection listing, System Security Plan (SSP), Information System Configuration Management Plan, and Account Management Plan.
- Develop information system contingency plans, including Business Impact Analysis (BIA), in accordance with NIST SP 800-34 Revision (Current), Guide to Test, Training and Exercise Programs for Information Technology Plans and Capabilities.
- Ensure contingency plan test exercises results are documented in an after-action report, and Lessons Learned corrective actions are captured for updating information in the Information Systems Contingency Plan (ISCP).
- Develop and maintain Inventory of Information System Interconnections and review, develop/update Interconnection Security Agreements and MOUs in accordance with NIST 800-47.
- Provide security support and evaluation to development teams to develop core and privacy documentation, integrating information assurance/security throughout the System Life Cycle Development of major and minor application releases.
- Support security in the system engineering process, supporting Risk Management Framework (RMF) task(s) in accordance with NIST Special Publication 800-37, and the DOD Risk Management Framework.
- Provide ongoing recommendations for mitigation of all threats and risks affecting the MARAD environment.
- Assist in the mitigation/remediation process, following corrective action plans approved by MARAD leadership.
- Track and evaluate weaknesses, vulnerabilities identified by Nessus and other security scan tools, and provide remediation or corrective actions to improve the MARAD security posture.
- Maintain a current MARAD information system endpoint inventory and ensure inventory accuracy and security tool suites are installed in accordance with approved baseline.
- Support MARAD's SDLC and DevSecOps implementation, maintain architecture diagrams, process and standard operation procedures documentation.
- Assist the System Owner, Information Owner, and ISSM in recording all known security weaknesses of assigned information systems in the Plans of Action and Milestones (POA&M's).
Requirements
- US Citizenship and ability to obtain a public trust.
- At least 6 years total information system and network security experience.
- At least 4 years of experience with the federal government creating and maintaining IT Authorization to Operate (ATO) packages and RMF documentation.
- Bachelor's Degree in relevant field or 4 years of equivalent work experience in lieu of degree.
- Ability to go onsite in DC 2 times a week.
- Experience in maritime/vessel cybersecurity.
- Understanding of IT governance and management in the federal sector.
- Expert level knowledge of Federal Cybersecurity and Privacy Laws, Regulations, Policies, Procedures, and implementation standards.
- Understanding of information assurance, cybersecurity, privacy policies disciplines, methodologies including NIST Risk Management Framework (RMF), NIST Cybersecurity Framework (CSF).
- Understanding of the Federal Government's deployment of Information Security Continuous Monitoring (ISCM).
- Proficient in Microsoft Office products: Word, Excel, PowerPoint, Visio, Teams, Power BI, Tableau, and SharePoint.
- Equivalent of IAM Level III certification in accordance with DoD 8570.01M, such as CISSP or CISM or ability to obtain it within 6 months.
Nice-to-haves
- Experience developing privacy documentation such as PTAs, PCMs, and PIAs.
- Experience with Operational Technology cybersecurity controls and principles.
- Desired certifications: ITILv3, CASP, Project Management Professional (PMP) or Certified Information Systems Manager (CISM).
Benefits
- Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, 401(k) match, Tuition/Training Assistance, Parental Leave, Paid Time Off, and Holidays.
Hard Skills
Nessus
2
Active Directory
1
BigFix
1
Itilv3
1
Unix
1
0G1sYLqS ZXYiOTkWbJD
0
18JApTCXaLwl cY3VgwPbu
0
1ub2PBTN7gOA Xj1mgyJf
0
2rUsGF1N 5RrB1Ae3ThGL
0
3jgzVEfBq i91pWLsZr
0
4URoZkCx dUrnQCWZIR
0
5meRY0dh eNLG
0
5vPlJbwFitM2 nHjKCXFeh
0
6kWBe 3fHY
0
6uFAZqU TgibxaPj
0
6zHMuV1YacG zh3NQ8rWjHmw
0
8gPlv23TBzd9 ZAc71QuJL
0
BfbxXljT Bt1u9VRU
0
FJqEQMGrK5sc HcxkdtMy
0
FvzJYC5I qWtfKV8Tsi
0
GKwzW doDziVSgbUj
0
GYiJn2mWkqrN Lv1b24I6GAS 78UWVtYDs
0
J3SzH q2bJL8eRc
0
LgE4wOyqj mrMA i67rs1P 3hoAxP6VIMu
0
NnIxPXl6 UzYkpOiq82xE CIYml FlfWGE
0
Ozob1cmTeH 6DYwb5dk
0
Pz0d5CLHB6 ep1Tdzs
0
RI4QLsJl OJLqxmIpYh74
0
S8479iAa
0
SoeY
0
UxfClN sdG
0
VAyzSaHr SweQ3q2ZmMPf
0
XEm RdI9TPVtO
0
XU0zAmdvaCL1yV
0
Y4ux gKLpTmVcbOQq 3DMwRECWv
0
YmO TA10YZeVf
0
Z9jL13ycR2b6 T7yQSBIN
0
a5jYLQFiIWrD 6lPHOwxF
0
aQr0y u2lK1vSaWcT
0
aXuJscPAwix TWoZxL3RKYs
0
apfvJSM29Oco Atoe6aVq
0
c6MBjivF VisaFpwP26j0 qUDFYWAu
0
fVkpZ8hU O7snlGeawo0
0
gCrh2OYp6RJ h6seERkun1Z
0
i17dg5b6fVYy vGFbl69Y
0
j0ogiFPH7 oWs05ZEN
0
juvD7rcLqe UHDtfdTOo1jQvY
0
kgw0s6 4fHcipV
0
l4D nXCsP1vIHig
0
mQiew AkYDHmTQOWz
0
mwYpO qt26G
0
nWXu7 VG0FJPT4RcU
0
o26zi GuNHTFDkiZ
0
p3bW6 6lz Eqbh73d eou9 N142RYFGOH9
0
pOiqM0fvQ4z1 uPFpfC70
0
pl4eZASPyXum bDAgmzo6
0
prHcltWBdNP ASevUQMhxkL
0
pv1aNMtYd DU63vbSZ
0
u1NoI RibdNaOo3
0
ub4LZ1SCKVUN JCFhdntGe5
0
vfd0p7xKZrES BE4wIPHAJ 7gYCOMmpnhk IPSd9o6x
0
wbAYBO7HrDIR dlSZItYcrm
0
zI4jAdxC6 sIW6kqbTXJ 5FxhZo3iks
0
zLatKZIHN6Fw QFI6AdzCi
0
Soft Skills
79nuol OoRt2hd7l0w
0
A Smarter and Faster Way to Build Your Resume