Information Security Compliance and Assessment Specialist

Job Locations US-NM-Albuquerque | US-MD-Germantown | US-NV-Las Vegas | US-DC
ID
2024-3263
Category
Information Technology
Type
Mid

Overview

At Criterion Systems, we developed a different kind of business—a company whose real value is a reputation for excellence built upon the collective skills, talents, perspectives, and backgrounds of its people. By accepting a position with Criterion Systems, you will join a group of professionals with a collaborative mindset where we share ideas and foster professional development to accomplish our goals. In addition to our great culture, we also offer competitive compensation and benefit packages, company-sponsored team building events, and advancement opportunities. To find out more about how Criterion can help you take your career to the next level please visit our website: www.criterion-sys.com. Criterion Systems is a Military/Veteran Friendly Company therefore we encourage Veterans to apply.

Responsibilities

We are seeking an Information Security Compliance and Assessment Specialist to join a U.S. Department of Energy, National Nuclear Security Administration contract in Albuquerque, NM, Las Vegas, NV, Germantown, MD, or Washington, DC.

 

In this role, you will serve as a Quality and Compliance Advisor on all matters involving the security of internal information systems. You will have the detailed knowledge and expertise required to provide management with the information and tools to ensure conformance to requirements and improve information assurance quality processes of the organization. You will identify and define areas of non-conformance to requirements and security policies and procedures through ongoing monitoring and assessments.

 

Duties, Tasks & Responsibilities

  • Ensuring the implementation of DOE and NNSA cyber security policies and procedures for information systems
  • Performing process and system evaluations (assessments) to ensure compliance with established policies, processes, procedures, and applicable standards
  • Validating security control assessments results
  • Performing a variety of technical and administrative activities related to the function of QA (auditing), including, but not limited to, scheduling, checklist development, report writing, facilitating root cause/lessons learned analysis, and internal/external presentations
  • Compiling, analyzing, and reporting on findings of non-compliance and providing recommendations for improvement
  • Capturing and maintaining plans of action and milestones on findings of non-compliance
  • Tracking and escalating unresolved non-compliance issues and corrective and preventative action plans to closure
  • Validating cyber security tests and assessments are conducted in accordance with established policies and procedures
  • Formally and informally presents information in group and individual settings

Qualifications

Required Experience, Education, Skills & Technologies

  • U.S. Citizenship (NO dual-citizenship)
  • Bachelor’s Degree in a related field with appropriate background and knowledge of current industry technologies/standards for enterprise networks.  Prior experience in information security/information assurance roles in may be substituted for education requirements (e.g., implementing and managing FISMA, FedRAMP, DoDI 8500.2, HIPAA, or PCI requirements)
  • Five (5) years of related work experience
  • Applicable certification or the ability to obtain it within 6 months; the Information Security Compliance and Assessment Specialist maps to the NICE Cybersecurity Workforce Framework role of Mission Assessment Specialist
  • Experience with NIST SP 800-53, Risk Management Framework (RMF), and security assessment tools
  • Demonstrated knowledge and/or experience with Operating System, Virtualization, and Networking technologies
  • Must be able to demonstrate specialized experience applying the principles, practices, and techniques used by information systems security personnel
  • Proficiency with Microsoft Office products (Word, Outlook, Excel, PowerPoint, and SharePoint)
  • Must have strong attention to detail
  • Effective verbal and written communication and presentation skills
  • Strong planning, organizational, and time management skills
  • Demonstrated initiative and ability to work independently, as well as strong interpersonal skills that foster the ability to work effectively on teams, communicate effectively

Security Clearance Level

  • DOE Q/SCI

Certifications:

  • Must be able to maintain the appropriate NICE framework certification level by obtaining/holding at least one certification within 6 months of hire.

Work Schedule

  • Full-time on-site

Pay Rate 

  • The projected compensation range for this position is $75,000 - $120,000. Please note that the salary information is a general guideline only. Criterion Systems considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/ training, key skills as well as market and business considerations when extending an offer.

Benefits Offered

  • Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, 401(k) match, Tuition/Training Assistance, Parental Leave, Paid Time Off, and Holidays.

Criterion Systems, LLC and its subsidiaries are committed to equal employment opportunity and non-discrimination at all levels of our organization. We believe in treating all applicants and employees fairly and make employment decisions without regard to any individual’s protected status:  race, ethnicity, color, national origin, ancestry, religion, creed, sex/gender, gender identity/gender expression, sexual orientation, physical and mental disability, marital/parental status, pregnancy (including childbirth, lactation, and related medical conditions), age, genetic information (including characteristics and testing), military and veteran status, or any other characteristic protected by law. For our complete EEO/AA and Pay Transparency statement, please visit https://careers-criterion-sys.icims.com/.

 

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed