Information System Security Officer (Isso)

Overview

At Criterion Systems, we developed a different kind of business-a company whose real value is a reputation for excellence built upon the collective skills, talents, perspectives, and backgrounds of its people. By accepting a position with Criterion Systems, you will join a group of professionals with a collaborative mindset where we share ideas and foster professional development to accomplish our goals. In addition to our great culture, we also offer competitive compensation and benefit packages, company-sponsored team building events, and advancement opportunities. To find out more about how Criterion can help you take your career to the next level please visit our website: www.criterion-sys.com. Criterion Systems is a Military/Veteran Friendly Company therefore we encourage Veterans to apply. Our staff provides cyber security support to the Department of Energy National Nuclear Security Administration.

Responsibilities

We are seeking an Information System Security Officer (ISSO) to support and contribute to our government customer's success in Germantown, MD.

In this role, you will serve as a Principal Adviser on all matters involving the security of an Information System (IS). You will have the detailed knowledge and expertise required to manage the security aspects of an information system and be assigned responsibility for the day-to-day security operations of a system. You will assist in the development of the security policies and procedures and ensure compliance with those policies and procedures through ongoing monitoring and assessments. In close coordination with the Information System (IS) owner and the Information System Security Manager (ISSM), you will play an active role in the evaluation or risk associated with a system, enforcing and assessing the controls, monitoring the security impact of changes to the systems, and developing and updating the security documentation associated with the system.

Duties, Tasks & Responsibilities

• Ensuring the implementation of DOE and NNSA cybersecurity policies and procedures for designated information systems

• Conducting the Assessment and Authorization (A&A) activities for designated systems

• Documenting the implementation of protection measures within the security plan for the systems

• Ensuring the appropriate access is provisioned for users of designated systems

• Identifying, assessing, and documenting threats and risks to designated systems

• Capturing and maintaining information system security artifacts

• Conducting cybersecurity tests and assessments and providing results of these activities to the ISSM

• Evaluating the security impact and recommending implementation strategies for security significant changes to the assigned information systems

• Identifying cyber security training needs in terms of job responsibilities or roles

• Conducting information system risk assessments

• Responding to and reporting of incidents related to their assigned information systems

• Development of security processes and procedures to support the ISSM's Cyber Security Program

• Creating and maintaining disaster recovery and incident response plans and participating in associated training

• Formally and informally presents information in group and individual settings

Qualifications

Required Experience, Education, Skills & Technologies

• U.S. Citizenship (NO dual-citizenship)

• Bachelor's Degree in a related field with appropriate background and knowledge of current industry technologies/standards for enterprise networks. Four (4) years of work experience in computer and information technology related field may be considered as substitution for degree

• Five (5) years of IT work experience with a preference for cybersecurity experience.

• Prior experience in information security/information assurance roles in may be substituted for education requirements (e.g., examples of experience with implementing and managing FISMA, FedRAMP, DoDI 8500.2, HIPAA, or PCI requirements)

• DoD 8570 IAT Level II and/or IAT Level III (i.e., CISSP) certification or the ability to obtain it within 6 months

• Experience with NIST SP 800-53, Risk Management Framework (RMF), and security assessment tools

• Demonstrated knowledge and/or experience with Operating System, Virtualization, and Networking technologies

• Must be able to demonstrate specialized experience applying the principles, practices, and techniques used by information systems security personnel

• Proficiency with Microsoft Office products (Word, Outlook, Excel, PowerPoint, and SharePoint)

• Must have strong attention to detail

• Effective verbal and written communication and presentation skills

• Strong planning, organizational, and time management skills

• Demonstrated initiative and ability to work independently, as well as strong interpersonal skills that foster the ability to work effectively on teams, communicate effectively

Security Clearance Level

• Active Top Secret Clearance, SSBI (Single Scope Background Investigation) with the ability to upgrade to a Department of Energy (DOE) "Q" Clearance or an active DOE "Q" clearance

Work Schedule

• Full-time with work on-site each week in Germantown MD. This is not a fully remote position.

Benefits Offered

• Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, 401(k) match, Tuition/Training Assistance, Parental Leave, Paid Time Off, and Holidays.

Criterion Systems, LLC and its subsidiaries are committed to equal employment opportunity and non-discrimination at all levels of our organization. We believe in treating all applicants and employees fairly and make employment decisions without regard to any individual's protected status: race, ethnicity, color, national origin, ancestry, religion, creed, sex/gender, gender identity/gender expression, sexual orientation, physical and mental disability, marital/parental status, pregnancy (including childbirth, lactation, and related medical conditions), age, genetic information (including characteristics and testing), military and veteran status, or any other characteristic protected by law. For our complete EEO/AA and Pay Transparency statement, please visit https://careers-criterion-sys.icims.com/.