Criterion Systems is hiring: Cybersecurity Service Provider (CSSP) Analyst in No
Criterion Systems, North Las Vegas, NV, United States
Overview:
At Criterion Systems, we developed a different kind of businessa company whose real value is a reputation for excellence built upon the collective skills, talents, perspectives, and backgrounds of its people. By accepting a position with Criterion Systems, you will join a group of professionals with a collaborative mindset where we share ideas and foster professional development to accomplish our goals. In addition to our great culture, we also offer competitive compensation and benefit packages, company-sponsored team building events, and advancement opportunities. To find out more about how Criterion can help you take your career to the next level please visit our website: www.criterion-sys.com. Criterion Systems is a Military/Veteran Friendly Company therefore we encourage Veterans to apply.
Responsibilities:We are seeking a mission-focused Cybersecurity Service Provider (CSSP) Analystto support and contribute to our government customers success in Las Vegas, NV!
The CSSP Analyst is responsible for the efficient execution of the CSSP Evaluator Scoring Metrics (ESM). The CSSP Analyst will support control functions, including assisting with planning and analysis of cybersecurity activities.
Duties, Tasks & Responsibilities
- Tracking of baselines, reporting on deliverables, and communication of findings.
- Identifying, and prioritizing cybersecurity activities
- Creating necessary reports
- Performing issue/risk/action item tracking
- Creating and managing daily task lists of action items and follow-up activities
- Helping develop CSSP artifacts and track historical data
- Reviewing current status and schedule for forecasting future activities
- Monitoring and reporting on progress of subscriber reviews, including timelines and status
- Ensuring compliance with ESM requirements, verifying and documenting results for formal acceptance
- Identifying and proposing solutions for areas of improvement (continuous process improvement)
- Assist the CSSP in the developing and issuing pertinent communication to the subscribers and stake holders
- Performing and reviewing vulnerability scans
- Tracking vulnerability and compliance trends
Qualifications:
Required Experience, Education, Skills & Technologies
- US Citizenship (**NO DUAL CITIZENSHIP ACCEPTED**)
- Strong preference for individual with Active Department of Energy (DOE) Q Clearance OR Top Secret Security Clearance OR Secret Clearance; however, those with the ability to obtain a clearance will be considered.
- Bachelors degree in Computer Science, Business Administration or related degree (will take direct cyber securuity/ information assurance experience in lieu of degree)
- Minimum of 6 years related experience
- Excellent written, analysis and communications skills communicate clearly and concisely with diverse audiences and should be comfortable giving and receiving feedback
- Experience with Tenable Products.
- Some limited travel may be required for obtaining CSSP course for ESM SRR.
- Must be able to work full time onsite with the potential to telecommute one to two days.
- Must have demonstrated ability to work both independently and collaboratively with CSSP team members, customers and external vendors.
- Must have the ability to work on tasks with multiple deliverables assess priorities and operate in a flexible manner in order to meet the dynamic needs of the team.
- Strong experience with features of MS Project, Excel, Visio, SharePoint, and Word.
- Strong customer-service orientation
- Compliance with NICE Framework Work Role ID(s) OM-ANA-001 & PR-CDA-001
- Strong knowledge of IT technology and Cybersecurity services.
- Experience in change and risk management.
- Analytical skills and problem solving skills needed to manage multiple factors on a project simultaneously.
- Strong team working skills
- Attention to and precision with detail
- Energetic with a can-do approach to work, who tracks and follows up on tasks independently, who seeks out additional work, and who recommends ways to improve upon current activities.
- Developing and reviewing documentation such as policies, procedures, baselines, and risk assessments.
- Understanding of regulatory compliance
- Strong understanding of information system logs for troubleshooting configuration issues.
Preferred Experience, Education, Skills & Technologies
- Experience with RedSeal including configuration, system scoring, and vulnerability evaluation.
- Strong understanding of DISA STIGs, NIST Guidelines or other system security and hardening guidance (e.g. SCAP).
- Familiarity with NIST 800-53, CISA EDs, BODs, and DoD Instructions and Directives
- Ability to obtain Derivative Classifier Certification.
- SEC+ ,CISSP, CISM, NICE Framework Work Role ID(s) OM-ANA-001 & PR-CDA-001 certifications a plus (must obtain within 6 months of employment).
- Experience with developing and reviewing Splunk Dashboards.
- Experience with ticketing systems
Security Clearance Level
- DOE Q
Work Schedule
- Full-time on-site
Benefits Offered
- Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, 401(k) match, Tuition/Training Assistance, Parental Leave, Paid Time Off, and Holidays.
Criterion Systems, LLC and its subsidiaries are committed to equal employment opportunity and non-discrimination at all levels of our organization. We believe in treating all applicants and employees fairly and make employment decisions without regard to any individuals protected status: race, ethnicity, color, national origin, ancestry, religion, creed, sex/gender, gender identity/gender expression, sexual orientation, physical and mental disability, marital/parental status, pregnancy (including childbirth, lactation, and related medical conditions), age, genetic information (including characteristics and testing), military and veteran status, or any other characteristic protected by law. For our complete EEO/AA and Pay Transparency statement, please visit https://careers-criterion-sys.icims.com/.