Cyber Risk Management Analyst with Security Clearance - Washington, DC, United States - Criterion Systems, LLC

    Criterion Systems, LLC
    Criterion Systems, LLC Washington, DC, United States

    2 weeks ago

    Default job background
    Technology / Internet
    Description
    Overview At Criterion Systems, we developed a different kind of business-a company whose real value is a reputation for excellence built upon the collective skills, talents, perspectives, and backgrounds of its people
    By accepting a position with Criterion Systems, you will join a group of professionals with a collaborative mindset where we share ideas and foster professional development to accomplish our goals
    In addition to our great culture, we also offer competitive compensation and benefit packages, company-sponsored team building events, and advancement opportunities

    To find out more about how Criterion can help you take your career to the next level please visit our website: www.

    criterion-
    Criterion Systems is a Military/Veteran Friendly Company therefore we encourage Veterans to apply
    Responsibilities We are seeking a mission-focused Cyber Risk Management Analyst/I nformation Assurance Analyst to perform cybersecurity risk assessment support for for a high visibility customer
    The primary focus will be on identifying and evaluating potential data security risks and vulnerabilities within their systems and developing effective mitigation strategies
    This role is hybrid and requires 3 days a week on-site in Washington, DC
    Duties, Tasks & Responsibilities


    • Conduct thorough risk assessments for Government-developed, procured, and potentially acquired applications and/or services
    This includes evaluating system interconnections, waivers, Plan of Action and Milestones (POA&Ms), and other relevant factors.


    • Ensure compliance with relevant regulations, standards, and policies by conducting assessments and authorizations.
    • Develop risk assessment reports that can be presented to senior executives, highlighting features, functionality, interoperability, and other critical aspects.
    • Identify and recommend appropriate security measures to mitigate identified risks

    Collaborate with offices such as Cloud Application Security, Data Governance, and others to incorporate their findings into the risk assessment package.


    • Perform data security risk assessments in support of the "Request for New Solution" process.
    • Evaluate critical controls, both FEDRAMP and non-FEDRAMP, as well as features and functionality to develop data security risk assessments.
    • Collaborate with relevant stakeholders to ensure the implementation of effective controls and recommend enhancements or improvements as necessary.
    • Support continuous monitoring (CONMON) for non-FedRAMP applications.
    • Manage and maintain 3rd party risk monitoring tool
    Set up accounts, alerts, add new applications, compile security reports, etc.


    • Manage and maintain an internal risk assessment tracking system; add new applications needed
    Qualifications Required Experience, Education, Skills & Technologies


    • Bachelor's degree in Computer Science, Cybersecurity, Computer Engineering or Information Technology or related degree.
    • Active DoD TS/SCI Clearance or TS with SCI eligibility
    • 4+ years of experience including proven experience in a similar role supporting the Federal Government.
    • Prior experience conducting security risk assessments for IT systems, applications, or services within a Government environment
    • Solid knowledge of cybersecurity frameworks, standards, and best practices such as NIST, FISMA, FedRAMP, etc.
    • Strong problem-solving abilities and attention to detail.
    • Excellent written and verbal communication skills, with the ability to explain technical concepts to non-technical stakeholders
    Preferred Experience, Education, Skills & Technologies


    • None Security Clearance Level
    • Minimum TS/SCI Certification
    • DoD 8570 IAT II Certification or higher (e.g., Security+, CCNA Security, CySA+, GICSP, GSEC, CND, SSCP) Work Schedule
    • Full-time hybrid on-site 3 days/week Benefits Offered
    • Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, 401(k) match, Tuition/Training Assistance, Parental Leave, Paid Time Off, and Holidays
    Criterion Systems, LLC and its subsidiaries are committed to equal employment opportunity and non-discrimination at all levels of our organization
    We believe in treating all applicants and employees fairly and make employment decisions without regard to any individual's protected status: race, ethnicity, color, national origin, ancestry, religion, creed, sex/gender, gender identity/gender expression, sexual orientation, physical and mental disability, marital/parental status, pregnancy (including childbirth, lactation, and related medical conditions), age, genetic information (including characteristics and testing), military and veteran status, or any other characteristic protected by law
    For our complete EEO/AA and Pay Transparency statement, please visit https://careers-criterion-