Criterion Systems
Information Security Compliance and Assessment Specialist
Criterion Systems, Albuquerque, New Mexico, United States, 87101
Overview
At Criterion Systems, we developed a different kind of business—a company whose real value is a reputation for excellence built upon the collective skills, talents, perspectives, and backgrounds of its people. By accepting a position with Criterion Systems, you will join a group of professionals with a collaborative mindset where we share ideas and foster professional development to accomplish our goals. In addition to our great culture, we also offer competitive compensation and benefit packages, company-sponsored team building events, and advancement opportunities. To find out more about how Criterion can help you take your career to the next level please visit our website: www.criterion-sys.com . Criterion Systems is a Military/Veteran Friendly Company therefore we encourage Veterans to apply.
Responsibilities
We are seeking anInformation Security Compliance and Assessment Specialistto join a U.S. Department of Energy, National Nuclear Security Administration contract inAlbuquerque, NM, Las Vegas, NV, Germantown, MD, or Washington, DC.
In this role, you will serve as a Quality and Compliance Advisor on all matters involving the security of internal information systems. You will have the detailed knowledge and expertise required to provide management with the information and tools to ensure conformance to requirements and improve information assurance quality processes of the organization. You will identify and define areas of non-conformance to requirements and security policies and procedures through ongoing monitoring and assessments.
Duties, Tasks & Responsibilities
Ensuring the implementation of DOE and NNSA cyber security policies and procedures for information systems
Performing process and system evaluations (assessments) to ensure compliance with established policies, processes, procedures, and applicable standards
Validating security control assessments results
Performing a variety of technical and administrative activities related to the function of QA (auditing), including, but not limited to, scheduling, checklist development, report writing, facilitating root cause/lessons learned analysis, and internal/external presentations
Compiling, analyzing, and reporting on findings of non-compliance and providing recommendations for improvement
Capturing and maintaining plans of action and milestones on findings of non-compliance
Tracking and escalating unresolved non-compliance issues and corrective and preventative action plans to closure
Validating cyber security tests and assessments are conducted in accordance with established policies and procedures
Formally and informally presents information in group and individual settings
Qualifications
Required Experience, Education, Skills & Technologies
U.S. Citizenship (NO dual-citizenship)
Bachelor’s Degree in a related field with appropriate background and knowledge of current industry technologies/standards for enterprise networks. Prior experience in information security/information assurance roles in may be substituted for education requirements (e.g., implementing and managing FISMA, FedRAMP, DoDI 8500.2, HIPAA, or PCI requirements)
Five (5) years of related work experience
Applicable certification or the ability to obtain it within 6 months; the Information Security Compliance and Assessment Specialist maps to the NICE Cybersecurity Workforce Framework role of Mission Assessment Specialist
Experience with NIST SP 800-53, Risk Management Framework (RMF), and security assessment tools
Demonstrated knowledge and/or experience with Operating System, Virtualization, and Networking technologies
Must be able to demonstrate specialized experience applying the principles, practices, and techniques used by information systems security personnel
Proficiency with Microsoft Office products (Word, Outlook, Excel, PowerPoint, and SharePoint)
Must have strong attention to detail
Effective verbal and written communication and presentation skills
Strong planning, organizational, and time management skills
Demonstrated initiative and ability to work independently, as well as strong interpersonal skills that foster the ability to work effectively on teams, communicate effectively
Security Clearance Level
DOE Q/SCI
Certifications:
Must be able to maintain the appropriate NICE framework certification level by obtaining/holding at least one certification within 6 months of hire.
Work Schedule
Full-time on-site
Pay Rate
The projected compensation range for this position is $75,000 - $120,000. Please note that the salary information is a general guideline only. Criterion Systems considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/ training, key skills as well as market and business considerations when extending an offer.
Benefits Offered
Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, 401(k) match, Tuition/Training Assistance, Parental Leave, Paid Time Off, and Holidays.
Criterion Systems, LLC and its subsidiaries are committed to equal employment opportunity and non-discrimination at all levels of our organization. We believe in treating all applicants and employees fairly and make employment decisions without regard to any individual’s protected status: race, ethnicity, color, national origin, ancestry, religion, creed, sex/gender, gender identity/gender expression, sexual orientation, physical and mental disability, marital/parental status, pregnancy (including childbirth, lactation, and related medical conditions), age, genetic information (including characteristics and testing), military and veteran status, or any other characteristic protected by law. For our complete EEO/AA and Pay Transparency statement, please visit https://careers-criterion-sys.icims.com/.
Job LocationsUS-NM-Albuquerque | US-MD-Germantown | US-NV-Las Vegas | US-DC
ID 2024-3263
Category Information Technology
Type Mid
At Criterion Systems, we developed a different kind of business—a company whose real value is a reputation for excellence built upon the collective skills, talents, perspectives, and backgrounds of its people. By accepting a position with Criterion Systems, you will join a group of professionals with a collaborative mindset where we share ideas and foster professional development to accomplish our goals. In addition to our great culture, we also offer competitive compensation and benefit packages, company-sponsored team building events, and advancement opportunities. To find out more about how Criterion can help you take your career to the next level please visit our website: www.criterion-sys.com . Criterion Systems is a Military/Veteran Friendly Company therefore we encourage Veterans to apply.
Responsibilities
We are seeking anInformation Security Compliance and Assessment Specialistto join a U.S. Department of Energy, National Nuclear Security Administration contract inAlbuquerque, NM, Las Vegas, NV, Germantown, MD, or Washington, DC.
In this role, you will serve as a Quality and Compliance Advisor on all matters involving the security of internal information systems. You will have the detailed knowledge and expertise required to provide management with the information and tools to ensure conformance to requirements and improve information assurance quality processes of the organization. You will identify and define areas of non-conformance to requirements and security policies and procedures through ongoing monitoring and assessments.
Duties, Tasks & Responsibilities
Ensuring the implementation of DOE and NNSA cyber security policies and procedures for information systems
Performing process and system evaluations (assessments) to ensure compliance with established policies, processes, procedures, and applicable standards
Validating security control assessments results
Performing a variety of technical and administrative activities related to the function of QA (auditing), including, but not limited to, scheduling, checklist development, report writing, facilitating root cause/lessons learned analysis, and internal/external presentations
Compiling, analyzing, and reporting on findings of non-compliance and providing recommendations for improvement
Capturing and maintaining plans of action and milestones on findings of non-compliance
Tracking and escalating unresolved non-compliance issues and corrective and preventative action plans to closure
Validating cyber security tests and assessments are conducted in accordance with established policies and procedures
Formally and informally presents information in group and individual settings
Qualifications
Required Experience, Education, Skills & Technologies
U.S. Citizenship (NO dual-citizenship)
Bachelor’s Degree in a related field with appropriate background and knowledge of current industry technologies/standards for enterprise networks. Prior experience in information security/information assurance roles in may be substituted for education requirements (e.g., implementing and managing FISMA, FedRAMP, DoDI 8500.2, HIPAA, or PCI requirements)
Five (5) years of related work experience
Applicable certification or the ability to obtain it within 6 months; the Information Security Compliance and Assessment Specialist maps to the NICE Cybersecurity Workforce Framework role of Mission Assessment Specialist
Experience with NIST SP 800-53, Risk Management Framework (RMF), and security assessment tools
Demonstrated knowledge and/or experience with Operating System, Virtualization, and Networking technologies
Must be able to demonstrate specialized experience applying the principles, practices, and techniques used by information systems security personnel
Proficiency with Microsoft Office products (Word, Outlook, Excel, PowerPoint, and SharePoint)
Must have strong attention to detail
Effective verbal and written communication and presentation skills
Strong planning, organizational, and time management skills
Demonstrated initiative and ability to work independently, as well as strong interpersonal skills that foster the ability to work effectively on teams, communicate effectively
Security Clearance Level
DOE Q/SCI
Certifications:
Must be able to maintain the appropriate NICE framework certification level by obtaining/holding at least one certification within 6 months of hire.
Work Schedule
Full-time on-site
Pay Rate
The projected compensation range for this position is $75,000 - $120,000. Please note that the salary information is a general guideline only. Criterion Systems considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/ training, key skills as well as market and business considerations when extending an offer.
Benefits Offered
Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, 401(k) match, Tuition/Training Assistance, Parental Leave, Paid Time Off, and Holidays.
Criterion Systems, LLC and its subsidiaries are committed to equal employment opportunity and non-discrimination at all levels of our organization. We believe in treating all applicants and employees fairly and make employment decisions without regard to any individual’s protected status: race, ethnicity, color, national origin, ancestry, religion, creed, sex/gender, gender identity/gender expression, sexual orientation, physical and mental disability, marital/parental status, pregnancy (including childbirth, lactation, and related medical conditions), age, genetic information (including characteristics and testing), military and veteran status, or any other characteristic protected by law. For our complete EEO/AA and Pay Transparency statement, please visit https://careers-criterion-sys.icims.com/.
Job LocationsUS-NM-Albuquerque | US-MD-Germantown | US-NV-Las Vegas | US-DC
ID 2024-3263
Category Information Technology
Type Mid