At Criterion Systems, we developed a different kind of business—a company whose real value is a reputation for excellence built upon the collective skills, talents, perspectives, and backgrounds of its people. By accepting a position with Criterion Systems, you will join a group of professionals with a collaborative mindset where we share ideas and foster professional development to accomplish our goals. In addition to our great culture, we also offer competitive compensation and benefit packages, company-sponsored team building events, and advancement opportunities. To find out more about how Criterion can help you take your career to the next level please visit our website:
The National Science Foundation Cyber Security and Privacy (CS&P) Services contract team supports a layered, defense-in-depth cyber security environment that provides successive cyber security controls for approximately 2,500 employees at the Alexandria, Virginia Headquarters and additional employees at other locations. The CS&P Services Team is responsible for a comprehensive, agency-wide Cyber Security Program that encompasses all aspects of cyber security. Strategic objectives for the CS&P Services contract are: data loss prevention; improve network and system security; risk based management; security incident management; and cyber security training and awareness.
This position will be a member of the Oversight and Compliance Team with the responsibility of performing as a Senior Policy Analyst along with some privacy oversight.
- Facilitate in the development and approval of Information Assurance (IA) and Cyber Security documentation, including directives, policies, standards, processes, and procedures, incorporating federal mandates as required
- Create, update, and enhance privacy and cybersecurity strategies, plans and procedures to continuously strengthen the customer’s IT security posture
- Collaborate in the development and maintenance of customers IT privacy and cyber security policies and procedures in accordance with Federal mandates
- Disseminate updated and approved policies, procedures, and handbooks in a manner to encourage proper implementation
- Provide architecture guidance to the Government customer system owners, participate in IT privacy and cyber security meetings and briefings and support Information Systems Security Officer (ISSO) briefings as required
- Assist the ISSO, Privacy lead and CIO in prioritizing cyber security activities and identifying criteria for monitoring results
- Provide audit support (e.g., OMB A-123, FISMA)
- Provide support, coordination and input for OMB and DHS data calls
- Perform feasibility assessments for implementing Federal laws, standards and cybersecurity programs; resulting in a documented report discussing the benefits and Return on Investment of the implementation
- Provide policy expertise and support in cyber security and privacy waiver/exception requests and policy inquiries
- Update a Policy SharePoint site for the customer
- Conduct surveys and reports of historical policy impacts from incident logs, provide feedback to the client, and assist in the initiation of new policies and procedures
- Prepare recommendations, oral and written briefings, white papers, and assessment reports
- Conduct analysis and develop cybersecurity recommendations based on emerging issues
- Maintain situational awareness of significant cyber-related policy issues affecting the United States Government, and provide concise, actionable communication on emerging issues to the customer
- Perform analysis and critical thinking, including assessing complex programmatic issues and applying diagnostics to assess risks and propose innovative solutions
- Identify policy gaps and policy changes required to maintain compliance with Legislation, Executive Orders, OMB Documents, and the customer’s directives
- Bachelor’s Degree or Four (4) years of work experience can be used in lieu of degree.
- Five (5)+ Years of Experience within IT and/or Cyber security
- Prior experience in the development and maintenance of customers IT privacy and cyber security policies and procedures in accordance with Federal mandates
- Working knowledge, experience, and expertise with Federal Cybersecurity and Privacy guidance including applicable Federal Information Security Management Act (FISMA), Office of Management and Budget (OMB), National Institute of Standards and Technology (NIST), Department of Homeland Security (DHS), and organization level guidance and requirements.
- US Citizen
- Eligible for a NACI/Public Trust clearance
- Security + Certification
- A + Certification
- Certified Ethical Hacker
- Certified Information System Security Professional (CISSP)
- Certified Information System Auditor (CISA)
- Certified Information Security Manager (CISM)
- Certified Information Privacy Professional/Government (CIPP/G)