Criterion Systems, Inc.

Job Listings


Here are our current job openings. Please click on the job title for more information, and apply from that page if you are interested.

Use this form to perform another job search

The system cannot access your location for 1 of 2 reasons:
  1. Permission to access your location has been denied. Please reload the page and allow the browser to access your location information.
  2. Your location information has yet to be received. Please wait a moment then hit [Search] again.
Click column header to sort

Search Results Page 3 of 7

Job Locations US-NV-Las Vegas
Criterion Systems is seeking to hire a Cyber Threat Analyst to support a federal government customer in Las Vegas, Nevada. Cyber Data Analysts (CDA) will be responsible for modeling minor and complex data sets, as well as analyzing cyber security insights and identifying anomalies through the use of statistical, algorithmic, mining and visualization techniques. Responsibilities:   - Analysts must be proficient at integrating and preparing large, varied datasets. - must understand data elements, data models and manipulation of structured or unstructured data sets. - Must have strong communication, collaboration and presentation skills. - Team members are responsible for conducting statistical analysis and correlation of monitored traffic within large networks. - Trending and attack signature analysis produced by the CDA group will be utilized by SOC Intrusion Analysts, and external cyber security staff throughout the agency. - The position requires interaction with technical and management staff within and outside of the agency. - The position will include up to approximately 15% travel: local and nationwide. - Applicants must be positive, flexible, self-starters with the ability to excel in a fast-paced environment. - The applicant must demonstrate professionalism and understanding of the scalability of the current mission. - Communication skills are critical, with the ability to verbalize and document technical concerns and solutions, as well as create and maintain customer required documentation and other deliverable products. - Applicants must be detail-oriented and have the ability to follow process and multi-task effectively when necessary. - Responsible for identifying new internal and external structured and unstructured data to improve predictive model, and learning products. - Develops descriptive, diagnostic, and predictive analytical models and programs, develops robust data visualizations to product actionable analytics. - Formulates test hypotheses, applies statistical methods, analyzes results, and provides recommendations. - Present insights and recommendations to Security Operations Management and stakeholders. - Participates in data analytics projects. - Maintains good relationships and broad general knowledge across Cyber Security space and IT functions. - Conducts trending and statistical analysis methods, analyzes results, and provides recommendations. - Develops tools and procedures to detect "low-and-slow" and previously unobserved attack vectors. - Creates documentation and characterization of attack vectors. - Employs research and analysis of threats, indicators, techniques, tactics, and procedures.
Clearance Requirement
DOE Q
Category
Information Technology
ID
2022-2260
Job Locations US-NV-Las Vegas
Criterion Systems is seeking a Cyber Threat Analyst to support our customer in Las Vegas, Nevada. The Cyber Threat Analyst will be a part of a Cyber Threat Analysis Center (CTAC) Team supporting the customer in cyber-threat hunting and associated investigations of systems developed and implemented to support the customer's mission. The candidate will be part of a team that performs cyber-threat hunting to identify potential cyber-threat activity within networks/systems. The successful candidate will perform hands-on investigations that require critical thinking and a broad understanding of multiple technologies. The candidate will support development of presentations and reports to document findings and will require good communication and interpersonal skills to convey findings in the technical proficiency level of the intended audience.   Responsibilities include: - Assist in the development and execution of cyber threat-hunting standard operating procedures (SOPs) - Serve as a data analysis expert for output from a wide variety of cyber assessment tools and data analytics - Assist in analysis tool development, configuration, implementation and use - Analyze cyber-threat intelligence (e.g. actors, tools, exploits, malware, etc.) and determine TTPs used by threat-actors - Analyze security events and data feeds for event detection, correlation from monitoring solutions, conduct triage and classify the output using automated systems for further investigation - Assist in the discovery of cyber vulnerabilities and the investigation of global cyber security incidents, as required - Develop cyber protection improvement recommendations that support the remediation and protection of systems - Analyze and report on cyber-threats based on assessment and all-source intelligence - Translate analytical findings into security "use cases" that can be implemented within available surveillance capabilities - Provide detailed and accurate technical reporting of analysis results in the form of PowerPoint presentations and/or Word documents, as well as oral briefings on complex technical subjects attuned to senior management, technical, or non-technical audiences
Clearance Requirement
DOE Q/SCI
Category
Information Technology
ID
2022-2259
Job Locations US-DC-Washington, DC
Criterion Systems is looking to hire a Senior Information Systems Specialist to support our Department of Transportation (DoT) customer.  One hired the person will provide support in the following areas: Maintain FRA’s Information System’s core documentation, in accordance with each phase of the System Development Life Cycle (SDLC) with standardized templates, baseline management with supporting checklists and technical guides, and policies including but not limited to the DOT Security Authorization and Continuous Monitoring Guide, Weakness Guide and other. - Develop and/or review and update Privacy Impact Assessments (PIAs), Privacy Threshold Analyses (PTAs), and System of Record Notices (SORNs). This includes interfacing/coordinating with the System Owner (SO) and Privacy Officer that originates/has responsibility for the document to ensure the PIA/PTA/SORN contains appropriate information to be approved/adjudicated by DOT Chief Privacy Office for inclusion in System Authorization package. - Develop / update FIPS 199 Security Categorization document; ensure information type(s) and special considerations (if applicable) are defined. - Develop / update security control selection listing (include justification for tailoring, scoping, and or risk acceptance) - Develop / update System Security Plan (SSP); ensure discovered and identified system components, and control implementation status as required by NIST 800-53 based on each system’s FIPS 199 Categorization, System Security and Privacy Sensitivity and Impact Level is addressed. - Develop / update FRA Incident Handling Procedures Guide, - Develop/ update Information System Configuration Management Plan, - Develop / update Information System Account Management Plan, - Develop / update Information System Audit Monitoring Plan - Develop and Maintain Inventory of Information System Interconnections and review, Develop / update Interconnection Security Agreements and MOUs in accordance with NIST 800-47. Assist the System Owner, Information Owner, ISSM, ISSO, and Privacy Officer in recording all known security weaknesses of assigned information systems in the Plans of Action and Milestones (POA&M’s) in accordance with DOT policy, guides and procedures. These activities shall include: - Develop Draft Plan of Action and Milestones (POA&M) for observed control level deficiencies or gaps control implementation(s) in accordance with DOT policy, guides and procedures. - Conduct quality assurance reviews of existing POA&Ms to ensure completeness, accuracy and identified solutions are cost effective. - Support of the information system contingency planning process in accordance with NIST SP 800-34 Revision (Current), Guide to Test, Training and Exercise Programs for Information Technology Plans and Capabilities and ensure contingency plan test exercises results are documented in an after-action report, and Lessons Learned corrective actions are captured for updating information in the Information Systems Contingency Plan (ISCP). See Deliverables Table. - The development and update of contingency plans including Business Impact Analysis (BIA). - Identification of the components that support defined mission essential functions and impact on other supporting resources, identify and ensure no single individual has control of any critical process in its entirety per NIST SP 800-53 by identifying and recommending implementing separation of duties. - Information system contingency training for personnel with contingency plan responsibilities focusing on familiarizing them with ISCP roles and teaching skills necessary to accomplish their roles in a system recovery capacity. - g) Tracking security awareness training and specialized training for FRA program offices and IT staff on an annual basis. - Provide support for auditing activities, reporting activities, and data calls. This support includes: - Project support and coordination with functional teams to gather documentation and provide support to draft responses for all audits, data calls, and assessment activities two days prior to the suspense dates. See Deliverables Table. - Tracking all audit Corrective Action Plan (CAP), Target Action Dates (TAD), data call requests and other inquiries as directed and provide status report. - Support for development and collecting information for effective performance measures and metrics by ensuring the DOT enterprise information security management system namely Cybersecurity Assessment and Management (CSAM) is regularly and accurately updated with required information and supporting artifacts. - Performance of system inventory updates, categorization, Plan of Action and Milestones (POA&M) and other security metrics required by the DOT CIO through policy and the Departmental Cybersecurity Compendium for the system(s).
Clearance Requirement
Public Trust
Category
Information Technology
ID
2022-2257
Job Locations US-NV-Las Vegas
Criterion Systems is seeking a Cybersecurity Technical Lead - Security Operations Center to support a federal government customer in Las Vegas, Nevada.   The candidate will provide senior technical leadership.  This position requires daily interaction with management, security personnel at customer sites, and government personnel with other federal agencies.  Applicant must be a positive, flexible, self-starter requiring minimal direct supervision, and able to excel as a leader in the fast-paced cybersecurity industry.  The Cyber Technical Lead is responsible for advancing the state of analytic techniques and tools.  This position is heavily focused on the development of automated solutions within a cybersecurity operations team.     Duties and Responsibilities to include, but not limited to: - Serve as a Subject Matter Expert (SME) within the team for technical expertise. - Lead or contribute to projects advancing the state of analytic techniques and tools. - Investigate and develop detections for new and evolving threats. - Analyze escalated alerts in support of network security monitoring operations. - Develop and review high-visibility notifications for enterprise customers. - Review and analyze network packet capture files. - Review and analyze SIEM and IDS alerts. - Review of security vulnerability data. - Utilize threat hunting techniques to proactively identify threat activity. - Identification, review, and tracking of malicious code. - Reporting malicious activity to customer sites. - Provide customers with remediation recommendations. - Contribute as needed to incident response activity. - Develop use of new services, technology, and products. - Conduct training and coaching sessions for SOC personnel on analytic techniques and tools. - Create, review, and approve new procedural documentation. - Travel up to 10% (Mostly for trainings and conferences, global pandemics permitting.)
Clearance Requirement
DOE Q
Category
Information Technology
ID
2022-2256
Job Locations US-MO-Kansas City
Network Access Control (NAC) - Recommend Network Access Controls (NAC) policy configuration changes to meet everchanging requirements in the enterprise as part of a continuous improvement of NAC capabilities. - Manage configuration and infrastructure changes to the NAC solution. - Apply software upgrades and patches to the NAC solution. - Integrate the NAC solution with other toolsets (mobile device management, vulnerability scanning, asset management, SIEM, and network security analytics solutions). - Document/Revise operational documents applicable to the NAC solution with associated dependencies that are external to the NAC toolset. Perimeter Security (PSP) - Install, administer, and manage the Firewalls, Access Control Lists (ACL), Virtual Private Network (VPN) systems and Remote Network Access Gateways to include hardware-based, virtual, and cloud-based service offerings such as Amazon AWS and Microsoft Azure. - Manage and update firewall rule base and monitor for continuous improvement. - Document all aspects of the system for daily operations and disaster recovery, in addition to adherence of federal certification and accreditation requirements. - Provide statistical reporting to illustrate security posture and continuous improvements. - Participate in the creation, review and enforcement of security policy, procedures, and system documentation. - Evaluate, make recommendations, implement, or disseminate IT security tools, procedures, and practices to protect organizational systems. - Provide knowledge transfer to team members, to include government counterparts. Domain Name Service (DNS) Blocking - Monitor and process DNS Blocking requests within the enterprise service desk ticketing system in accordance with standard operating procedures. - Develop, maintain, and continuously improve DNS Blocking process which includes taking information from open source threat intelligence sources and incorporating DNS domain name blocks. - Maintain a DNS sinkhole list contained in DNS servers managed by a separate (non-ISC) IT support organization. - Monitor incoming inquiries, troubleshoot suspected DNS Blocking solution caused issues, respond with resolution action, or provide report of investigative/troubleshooting findings.  
Clearance Requirement
Public Trust
Category
Information Technology
ID
2022-2244
Job Locations US-CA-San Diego
Criterion Systems is seeking a mission-focusedDatabase Software Engineer to support and contribute to our government customer’s success in San Diego, CA. The individual in this position must be a motivated team player that strives for professional and technical excellence in Database Software Engineering. Primary Responsibilities include, but are not limited to:  - Experienced software engineer with C++, and/or Java, and/or Database development/administration, a security clearance, and 5+ years of software design, code, and test experience. - Experience developing successful object-oriented systems with a focus on maintainability and testability, and deep understanding of issues surrounding layering and dependencies in object oriented systems - Understanding and skills in software design and code, including Object Oriented Analysis & Design (OOAD) - Experience and familiarity with UNIX and/or Linux - Experience with UML and UML tools - Self-starter with ability to multitask - Team player with a proactive attitude and the ability to be productive in a dynamic/collaborative environment - Strong oral and written communications skills
Clearance Requirement
Top Secret/SCI
Category
Information Technology
ID
2022-2241
Job Locations US-VA-Vienna
Under the guidance of Manager and Sr. Project Control Analyst - - Sets up projects within Deltek Costpoint and assigns workforces. - Monitors, analyzes and reports project progress, costs and schedules. - Collaborates with project team to review and validate progress and spend curves. - Supports project management with preparation of project status reports for various contracts. - Completes monthly project management review presentation. - Reviews reports for accuracy and consistency with contract management systems and finance/accounting systems. - Provides cost and schedule analysis and reviews with project managers for corrective action. - Analyzes monthly project revenue, cost and profitability and explains variances to management. - Updates project forecasts based on analysis of trends, cost and schedule performance and variances. - Works closely with purchasing to provide initial and subsequent funding actions for subcontractors. - Maintains funding actions for 75% complete notices and at-risk process. - Prepares government reporting requirements for contract vehicles. - Supports pricing efforts as needed.
Clearance Requirement
Ability to obtain and maintain a security clearance
Category
Accounting/Finance
ID
2022-2237
Job Locations US-VA-Vienna
Interns will be expected to have technical and communication skills and the ability to effectively manage multiple activities at a time. Dependent on the division that you support, job duties will include: - Working closely with Criterion staff to provide briefs, support analysis, and draft other presentations and documentation - Provide assistance and coordination to company-wide staff on issues and concern in your area of work - Tracking internal and external issues relevant to the division’s focus area, such as legislation, regulations, news releases, and other events related to information technology and cybersecurity - Supporting other critical operations activities as required Some of these positions may allow telecommuting, virtual opportunities or require on-site present. Some positions may require the ability to obtain a U.S. Security Clearance for which the U.S. Government requires U.S. Citizenship.
Clearance Requirement
Ability to obtain and maintain a security clearance
Category
Information Technology
ID
2022-2227
Job Locations US-CO
Criterion Systems is seeking a mission-focusedDevOps Engineer to support and contribute to our government customer’s success in Littleton, CO. The individual in this position must be a motivated team player that strives for professional and technical excellence in DevOps Engineering. Primary Responsibilities include, but are not limited to:  - Developing and maintaining the CI/CD pipelines for system development and managing the containerized development infrastructure. - Have technical curiosity to learn new skills and are ready to help across the team, as this is a team that is constantly looking at latest tools and trends. - Experience with cloud environments (AWS) or traditional IT systems. - Experience building and managing Docker containers. - Experience working as a member of an Agile Scrum or Kanban team with Agile management tools such as Version One, Jira, Confluence, etc. - Track record of being a self-starter and strong independent contributor. - Experience with a programming or scripting languages such as bash, python, nodejs, go, c# or java.
Clearance Requirement
Top Secret/SCI
Category
Information Technology
ID
2022-2226
Job Locations US-VA-Vienna
Criterion Systems, Inc., based out of Vienna, VA is seeking a Department of Energy (DOE) Business Development/Capture Manager to help take the company to the next level, and transform qualified opportunities into wins. In this role, you will identify and capture DOE and National Nuclear Security Administration (NNSA) opportunities. You will also be responsible for leading and managing all aspects of the procurement process to include meeting with customers, teaming with industry partners, developing solutions, formulating winning strategies, and determining price-to-win frameworks.   Day-to-day responsibilities include (but not limited to): - Identify, capture, and win new, long-term business opportunities leveraging the company’s core capabilities to position the company for large, long-term program and services opportunities - Manage capture processes and effectively communicate to senior internal management as well as and external partners - Responsible for new business development planning and new opportunity identification. - Develop and brief Bid/No-Bid recommendations and capture strategies for new business opportunities - Develop and implement call plans with government customers to identify their key goals, missions and priorities, and map these to company capabilities - Responsibilities extend across all phases of Business Development including market analysis, marketing to customers, capture plan development and execution, developing winning strategies to capture new business, and participating in proposal development with executive summary writing and color team reviews
Clearance Requirement
Ability to obtain and maintain a security clearance
Category
Sales
ID
2022-2225
Job Locations US-NV-Las Vegas
Criterion Systems is seeking a Tier 1 Intrusion Analyst in Las Vegas, Nevada. The candidate will be part of the Security Operation Center (SOC) working in a 24x7 environment. The position requires interaction with security personnel at customer sites, various levels of management, and outside agencies. Position can include up to 10% travel, local and nationwide. Applicant must be a positive, flexible, self-starter requiring minimal supervision, and able to excel in a fast-paced environment. Communication skills are critical with the ability to verbalize and provide documentation to both technical and non-technical audiences. Applicants must be detail-oriented and have the ability to multi-task effectively.   - Monitor, deter, identify, and investigate computer and network intrusions. Ability to research trends and countermeasures in computer/network including vulnerabilities, exploits, and malicious activity. Develop and maintain in-depth knowledge and hands-on experience with computer network security techniques and best practices. Technical focus on the monitoring and analysis of large, distributed and complex network. Candidate must be able to identify suspicious and malicious activity in a heterogeneous network environment and respond appropriately. - Research new and evolving threats and vulnerabilities with potential to impact the monitored environment. - Read and understand network packet capture files. - Monitoring and analysis of network and IDS information. - Log collection, analysis, correlation, and alerting. - Identification of suspicious/malicious activities. - Identification and tracking of malicious code. - Reporting malicious activity to client locations with recommendations for remediation. - Review and management of incident resolutions - Other duties as assigned - Travel up to 10%
Clearance Requirement
DOE Q
Category
Information Technology
ID
2022-2219
Job Locations US-NV-Las Vegas
Our staff provides cyber security support to the Department of Energy National Nuclear Security Administration. Criterion Systems seeking a Penetration Tester to support our DOE customer.   The candidate will perform internal and enterprise penetration tests, various red team activities, and also be a member of the Security Operation Center (SOC) Incident Response Team. This position will work a day schedule in a 24x7 environment. The position requires interaction with security personnel, analysts, administrators and engineers at the local/internal deployment (which provides enterprise managed cybersecurity services to federal customer sites) as well as at enterprise sites and locations. Position can include up to 10% travel, local and nationwide. Applicant must be a positive, flexible, motivated, self-starter requiring minimal supervision, and able to excel in a fast-paced environment. Communication skills are critical, with the ability to verbalize and provide documentation to both technical and non-technical audiences. Applicants must be detail-oriented and have the ability to multi-task effectively. - Develop and maintain in-depth knowledge and hands-on experience with computer network security techniques and best practices. - Collaborates with stakeholders to determine testing requirements, methods and constraints. - Performs vulnerability scans of the environment, and interprets the results for next step actions. - Conducts physical assessments of system and network security. - Carries out onsite and remote testing of stakeholders systems to expose weaknesses to be remediated or strengthened. - Simulate security breaches to test a system's relative security. - Conducts security audits to evaluate adhereance to established criteria. - Analyze policies and procedures for effectiveness in given environments, and makes suggestions for improvement. - Drafts assessment reports documenting findings and level of risk, while also offering suggested potential solutions. - Advises on methods to lower security risks to systems. - Continually considers the impact which testing may have on systems, stakeholders and users. - Understanding and ability to eloquently convey how identified risks may affect the system, users and/or business if not remediated. - Must be able to identify suspicious and malicious activity in a heterogeneous network environment and how respond appropriately. - Referencing issued or discovered vulnerabilities and threats, how to perform investigations on internal networks. - Travel up to 10% (not regularly scheduled, mostly just occasional trainings & meetings). - Other duties as assigned. Collateral Duties: - Acts as a member of the Incident Response Team. - Acts as an Incident Commander as necessary. - Tracks the progress of the IR process during the security incident as necessary. - Coordinates the actions of other IR team members as necessary. - Disseminates information as necessary. - Provides status updates to relevant parties who are not members of the IR team. - Provides expertise where necessary by either offering guidance from personal knowledge and experience, or by channeling such information from the subject matter expert. - Review and management of incident resolutions.
Clearance Requirement
DOE Q
Category
Information Technology
ID
2022-2216
Job Locations US-NV-Las Vegas
Our staff provides cyber security support to the Department of Energy National Nuclear Security Administration.  Criterion Systems is seeking an Incident Response Analyst to support our DOE customer.   The candidate will be part of the Internal Security Operation Center (SOC) Incident Response team, working a day schedule in a 24x7 environment. The position requires interaction with security personnel, analysts, administrators and engineers at the local/internal deployment, which provides enterprise managed cybersecurity services to federal customer sites. Position can include up to 10% travel, local and nationwide. Applicant must be a positive, flexible, self-starter requiring minimal supervision, and able to excel in a fast-paced environment. Communication skills are critical with the ability to verbalize and provide documentation to both technical and non-technical audiences. Applicants must be detail-oriented and have the ability to multi-task effectively.   - Monitor, detect, identify, and investigate computer and network intrusions. - Ability to research trends and countermeasures in computer/network including vulnerabilities, exploits, and malicious activity. - Develop and maintain in-depth knowledge and hands-on experience with computer network security techniques and best practices. - Must be able to identify suspicious and malicious activity in a heterogeneous network environment and respond appropriately. - Research new and evolving threats and vulnerabilities with potential to impact the monitored environment. - Referencing issued or discovered vulnerability and threat noticies, perform investigations and hunts on internal networks. - Use of IARC asset management and software management systems for investigations. - Investigate SIEM events and perform threat hunting specific to internal networks. - Report site notices and status to the ISSM. - Ensure SOC-Derived threat intel is applied to protect the internal/local networks. - Perform local/internal SOC duties (vs Enterprise SOC duties). - Act as SOC SME for the for local/internal networks. - Read and understand network packet capture files. - Monitoring and analysis of network and IDS information. - Log collection, analysis, correlation, and alerting. - Identification of suspicious/malicious activities. - Identification and tracking of malicious code. - Reporting malicious activity to client locations with recommendations for remediation. - Review and management of incident resolutions. - Travel up to 10% (not regularly scheduled, mostly just occasional trainings & meetings). - Other duties as assigned.
Clearance Requirement
DOE Q
Category
Information Technology
ID
2022-2215
Job Locations US-NV-Las Vegas
Criterion Systems is seeking a Deputy Manager of Project Engineering to join our Cybersecurity Team supporting a government customer in Las Vegas, Nevada.  The selected individual will ensure excellent execution of cybersecurity projects by the team of cybersecurity architects, senior systems engineers, and software developers, supporting both classified and unclassified information systems and networks.  This is a highly collaborative position that requires an understanding of the client organization business needs and provides secure technical solutions to meet those needs by interfacing with contract staff, government client managers and executives, and other contractors.  Once hired, you may travel to various CONUS client locations. - Lead a team of cyberecurity architects, senior systems engineers, and software developers. - Contribute to planning and provide leadership in the execution of efforts to achieve the technology roadmap. - Work closely with project leads to develop, allocate resources, and execute cybersecurity and IT projects. - Maintain close collaboration with customer personnel and teams to ensure solutions address site specific requirements and concerns while also maintaining an enterprise mindset. - Ensure the team develops and implements secure solutions for enterprise, enclave, and local-level information systems. - Create, analyze, and improve cost and effectiveness of business and engineering processes. - Lead and work within cross-functional and cross-site teams, building consensus, and influencing project directions to address issues and achieve strategic objectives. - Drive continual optimization of cybersecurity solutions to manage operating and maintenance costs and labor burden while improving. effectiveness and responsiveness. - Contribute to developing and maintaining cybersecurity and IT policies and procedures. - Active participation in Engineering Review Board activities. - Provide guidance and mentoring to personnel within the organization. - Contribute to the development and maintenance of the organization’s technology roadmap - Contribute to the development and maintenance of security architecture documents and artifacts. - Provide input into the strategic technical vision of the customer organization. - Deliver solutions that satisfy redundancy, high availability and scalability, security, and manageability requirements. - Disrupt the status-quo to eliminate complacency and drive innovation into cybersecurity and IT operations.
Clearance Requirement
DOE Q
Category
Management
ID
2022-2214
Job Locations US-DC
- The Data Call Analyst will assist the Data Collection Lead and Federal Coordinator to Draft, Administer, Collect, Consolidate, Deliver, and Analyze both internally and externally driven mandatory or voluntary data calls. - Duties cover the full lifecycle of data collection and the analysis lifecycle for administrated data calls. - Prepare documents of consolidated responses from both NA Program Offices and M&O sites, labs, and plants in order to provide recommendations to NA-IM leadership. - Consolidate responses to data calls, perform quality assurance & quality control of data received from data calls and work with site Data Call POCs to correct defects prior to. - Conduct analysis of individual data calls, correlation between data calls, and comparisons of NNSA data responses with external data sets to generate actionable knowledge related to NNSA and NA-IM. - Maintain a repository of Data Call responses. - Track and record each sites’ incidents of non-compliance or late responses to data calls. - Conduct analysis of data calls for trends or areas for improvement. - Develop compliance reports as required to support FISMA and other external reporting requirements.
Clearance Requirement
Ability to obtain and maintain a security clearance
Category
Information Technology
ID
2022-2213
Job Locations US-DC-Washington, DC
Support and assist in Cybersecurity and Information Protection Division (S83) Program to establish, implement and maintain technology and capabilities to ensure the effective management of Federal information technology resources. Cybersecurity and information technology engineering tasks following the systems engineering process, formally known as, the System’s Development Life Cycle (SDLC) to fully deliver and maintain an operational ELK solution.        Evaluate the delivered ELK solution as a system against the Federal initiatives, evolving threats, cybersecurity industry best practices, compliance information (e.g. Executive Orders, Binding Operating Directives, NIST special publications, DOT processes for supporting authority to operate (ATO) decision, ensuring compliance with cybersecurity control requirements (including applicable documentation), on-going recommendations for the mitigation of all threats and measurement of risk affecting the DOT environment.  Cybersecurity Engineering Support (Development):  - Expert services to install and manage Elasticsearch clusters in cloud environments,  - Spport development and capacity planning for searching and analyzing indexed data.  - Implement secure data transport between the DOT Enterprise Logging System or other identified systems or components to include on premises and cloud hosted.    - Will present change proposals, as needed, for implementation and updates to internal change management or the DOT Change Control Board  - Engage with the shared services organization for network configuration, cloud services provisioning, authentication services, and certificate services.  Cybersecurity Engineering Support (Observability):  - Provide expert services to implement observability, from ingesting metrics, logs, Application Performance Monitoring (APM) and uptime data to a single data source  - Develop analysis and automation reacting to events using Kibana, machine learning, and alerting.  - Integrate multiple Indicators of Compromise (IOC) threat sources to develop correlation and automated notification to the DOT SOC that includes relevant artifacts.     - Provide expert services to use Kibana for both data visualization and analysis.   - Provide dashboards to analyzing time-series data to developing machine learning jobs.  - Provide dashboards using unique data sets from system logs, vulnerability assessment data, and other endpoint information sources.   Cybersecurity Engineering Support (Analysis):   - Expert services to use Kibana for both data visualization and analysis.  - Provide dashboards to analyzing time-series data to developing machine learning jobs.  - Dashboards using unique data sets from system logs, vulnerability assessment data, and other endpoint information sources; product should display minimal errors in data and visualizations  - Document methods of data collections, reporting applications sources, and processes using plain language, graphs, charts and other means for communications.         
Clearance Requirement
Ability to obtain and maintain a security clearance
Category
Information Technology
ID
2022-2212
Job Locations US-DC-Washington, DC
- Support and assist in Cybersecurity and Information Protection Division (S83) Program to establish, implement and maintain technology and capabilities to ensure the effective management of Federal information technology resources.     - Maintain Information System’s core documentation, in accordance with each phase of the System Development Life Cycle (SDLC) with standardized templates, baseline management with supporting checklists and technical guides, including but not limited to the DOT Security Authorization and Continuous Monitoring Guide, Weakness Guide and other.  - Provide information system’s data for Privacy Impact Assessments (PIAs), Privacy Threshold Analyses (PTAs), and System of Record Notices (SORNs). This includes interfacing/coordinating with the System Owner (SO) that originates/has responsibility for the document to ensure the PIA/PTA/SORN contains appropriate information to be approved/adjudicated by DOT Privacy Office for inclusion in System Authorization package.  - Develop/update FIPS 199 Security Categorization document; ensure information type(s) and special considerations (if applicable) are defined.    - Develop/update security control selection listing (include justification for applicable tailor and or risk acceptance)   - Develop/update System Security Plan (SSP); ensure discovered and identified system components, control implementation status are addressed.  - Develop/update Incident Handling Procedures Guide, Information System Configuration Management Plan, Information System Account Management Plan, and Audit Monitoring Plan  - Develop and Maintain Inventory of Information System Interconnections and review, develop/update Interconnection Security Agreements and MOUs in accordance with NIST 800-47  - Develop/update risk assessment and relevant impact rating pertaining within the scope of this statement of work.   - Provide draft update contingency plans including Business Impact Analysis (BIA).  - Support the information system contingency planning process in accordance with NIST SP 800-34 Revision (Current), Guide to Test, Training and Exercise Programs for Information Technology Plans and Capabilities, and ensure contingency plan test exercises results are documented in an after-action report, and Lessons Learned corrective actions are captured for updating information in the Information Systems Contingency Plan (ISCP).  - Assist the System Owner, Information Owner, and ISSM in recording all known security weaknesses of assigned information systems in the Plans of Action and Milestones (POA&M’s) in accordance with DOT policy, guides and procedures.  - Develop draft Plan of Action and Milestones (POA&M) for observed control level deficiencies or gaps control implementation(s) in accordance with DOT policy, guides and procedures.  - Conduct quality assurance reviews of existing POA&Ms to ensure completeness, accuracy and identified solutions are cost effective. - Support to continuous monitoring process, assessing and evaluating ELK solution’s information system inventory to detect vulnerabilities, identifying critical and high weakness via insecure application development techniques, cloud environments, networked enclaves, and provided remediation or corrective actions to improve the security posture.  - Support in tracking and ongoing evaluation of weakness, vulnerabilities in DOT’s security tool suite or other detection reports, issued corrective action plans, remediating addressing issues affecting the ELK solution’s security posture.   - Maintain architecture diagrams, process and standard operation procedures documentation, and the integration and management of static code vulnerability detection applications into the process. 
Clearance Requirement
Ability to obtain and maintain a security clearance
Category
Information Technology
ID
2022-2211
Job Locations US-DC-Washington, DC
- Provide support following the Agile engineering model, focusing on delivery while supporting change and adhering to existing processing standards i.e. National Institute Standards and Technology (NIST) Special Publications, Binding Operating Directive, Executive Orders and mandates.  - Provide project oversight, coordination and management for each work task as required. - Develop and maintain a project plan(s) and sprint schedules to support activities; project plan status reports shall follow a review schedule to track project progress, finances, risk and/or issues, status and resolutions.   - Provide Weekly Status Reports documenting activities of the previous week and identifying planned sprint activities for the following months. The reports must include, at a minimum, the following information:   - Overview of work completed, in progress, and planned for each task, by subtask.   - Personnel, labor categories and hours expended on each task, by subtask.   - Status of individual deliverables and all planned activities for each task, by subtask.   - Identification of risk areas with recommended remedial actions.   - Status of all issues and risks identified during previous week’s status reports.   - The Contractor must provide Monthly Quality and Performance Reports. Each report must include the following for each task and subtask  - Scheduled deliverables and planned delivery dates.  - Actual delivery dates.  - Deliverables accepted.  - Deliverables rejected with reason and corrective action steps taken. 
Clearance Requirement
Ability to obtain and maintain a security clearance
Category
Information Technology
ID
2022-2209
Job Locations US-DC
Criterion Systems, Inc., is seeking a Tier II Help Analyst that can work 100% onsite. During the COVID-19 health crisis, support personnel will work remotely, but when required, come onsite to service requests when business conditions dictate the need. The right candidate will have experience providing Deskside Customer support. The contract operates the computer, telecommunications, network and security infrastructure at the customer site. The network infrastructure provides data, voice, Wi-Fi/wireless, and emergency broadcast services. The selected candidate will deploy and support infrastructures, software solutions and technology; will support technical escalation of advanced issues for problem resolution; and will apply knowledge of industry standards and vendor certifications. The Tier II Helpdesk Specialist will be primarily responsible for installing, supporting and maintaining computer systems, PC applications and hardware via remote tools and deskside visits, interact with network services, software systems engineering, and/or applications development to restore service and/or identify and correct core problems.  Individuals interested in this position should have good phone communication skills as well as experience working with customers one on one in a deskside environment. - Provide Excellent Customer Service in Face-to-Face, Telephone or Electronic Interaction with Clients, Good Language and Communications Skills, Problem-Solving - Resolve configuration and troubleshooting requests. This includes PC/laptop/tablet/mobile device configuration, PC/laptop/tablet/mobile device troubleshooting, and PC/laptop/tablet/mobile device maintenance, support for custom software, and software support for COTS packages - Providing hands-on analysis of issues, issue reporting, and incident management - Implementing complex changes to the infrastructure - Provide PC workstation image build using SCCM; Build and maintain PC operating system images - Build and configure PC and laptop workstations using SCCM.  Re-image workstations and use disk utility software for wiping and repairing disks - Preparing documentation that explains the technical solution clearly - Maintaining or enhancing systems infrastructure components and services to ensure that infrastructure is in vendor supported and standards compliant state - Respond to incidents according to the approved process and procedures - Responds to telephone calls, email and personnel requests for technical support, documenting every contact - Documents, tracks, and monitors the problem to ensure a timely resolution - Provides 2nd tier support to end users for PC applications and hardware via remote tools and deskside visits - Interact with network services, software systems engineering, and/or applications development to restore service and/or identify and correct core problems - Simulates or recreates user problems to resolve operating difficulties - Recommends systems modifications to reduce user problems - Possesses and applies expertise on multiple complex work assignments  - Assignments may be broad in nature, requiring originality and innovation in determining how to accomplish tasks - Operates with appreciable latitude in developing methodology and presenting solutions to problems - Contributes to deliverables and performance metrics - Utilizes the ServiceNow ticketing system to track all work - Ensures a timely process through which problems are controlled. Includes problem recognition, research, isolation, resolution, and follow-up steps.
Clearance Requirement
Public Trust
Category
Information Technology
ID
2022-2204
Job Locations US-DC
Criterion Systems, Inc., is seeking a Lead Service Desk Technician. During the COVID-19 health crisis, support personnel will mostly work remotely, but when required, come onsite to service requests when business conditions dictate the need. The right candidate will have experience providing Service Desk Leadership and work under the direction of the Service Desk Manager. The selected candidate will deploy and support infrastructures, software solutions and technology; will support technical escalation of advanced issues for problem resolution; and will apply knowledge of industry standards and vendor certifications. The Lead Service Desk Technician will be primarily responsible for supporting and maintaining computer systems, PC applications and hardware via remote tools and some deskside visits, interact with network services, software systems engineering, and/or applications development to restore service and/or identify and correct core problems.  Individuals interested in this position should have good phone communication skills as well as experience working with customers one on one in a deskside environment. Responsible for the day-to-day operations of the IT Service Desk to include: - Creating/setting standard processes and procedures for the team - Implementing processes to improve IT services provided to customers and implement improvements to tools/technology utilized within the Service Desk environment - Contribute to knowledge articles used within the ticket management system and across the IT Service Desk. - Defining Standard Operating Procedures for IT Service Desk and Deskside Support teams. - Monitor/supervise IT Service Desk Agents’ Arrival and Departure times to and from work as scheduled by ITSD Project Manager and produce daily reports from the phone ACD system - Train new IT Service Desk team members on processes, procedures, operations and expected levels of performance - Gather and distribute daily operational statistics to all agents as determined by the ITSD Project Manager - Act as an escalation point for IT Service Desk Agents - Work with other support teams and personnel to escalate and resolve customer issues - Assign tickets to Deskside Support team members based on volume and skill set - Assist by answering ACD calls during periods of high volume activity due to system outages and/or other scenarios, etc. Open, escalate or resolve tickets as needed. - Assist Deskside Support team, as needed, during busy periods and/or as requested based on organizational needs - Perform daily quality checks and produce a weekly reports - Work on special assignments/projects as determined by the ITSD Project Manager - Meet performance goals for the position as determined by the ITSD Project Manager
Clearance Requirement
Public Trust
Category
Information Technology
ID
2022-2202