Overview

At Criterion Systems, we developed a different kind of business—a company whose real value is a reputation for excellence built upon the collective skills, talents, perspectives, and backgrounds of its people. By accepting a position with Criterion Systems, you will join a group of professionals with a collaborative mindset where we share ideas and foster professional development to accomplish our goals. In addition to our great culture, we also offer competitive compensation and benefit packages, company-sponsored team building events, and advancement opportunities. To find out more about how Criterion can help you take your career to the next level please visit our website:www.criterion-sys.com.

Responsibilities

Criterion Systems is seeking a mission-focused Cybersecurity Engineer to support and contribute to our government customer’s success in Springfield, VA. The individual in this position must be a motivated team player that strives for professional and technical excellence in cybersecurity. The individual in this role will operate and manage all aspects of Information Systems, data availability, integrity, authentication, confidentiality, and non-repudiation. They will also develop and execute security policies, plans, and procedures and ensure security measures of the network.

Primary Responsibilities include, but are not limited to:

• Responsible ensuring IT system compliance with all applicable laws, DoD policies, and standards.
• Perform system scans, analyze results, and write necessary reports and plans.
• Provide Network Environment (NE) and Computing Environment (CE) support, including implementing all applicable IA vulnerability alerts (IAVA), IA vulnerability bulletins (IAVB), and technical advisories (TA.)
• Develop and implement Standard Operating Procedures (SOPs), System Security Plans (SSP), Plan Of Actions and Milestones (POA&Ms) and other related documents to satisfy Assessment and Authorization (A&A) requirements in accordance with NIST 800-53, Risk Management Framework (RMF) and other government guidelines, as required to achieve and maintain an ATO (Authority To Operate.)
• Implement and apply technologies, processes, and practices designed to protect networks, devices, programs, and data from malicious attack, damage, or unauthorized access.
• Maintain computer systems, networks, and other related device, including implementing all applicable IA vulnerability alerts (IAVA), IA vulnerability bulletins (IAVB), and technical advisories (TA.)
• Investigate IT related security incidents to determine extent of compromise to national security information and automated information systems. May provide intrusion support to high technology investigations in the form of network assessments.
• Researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding and network and device security and encryption. Performs duties in support of in-house and external customers.
• Configures and validates secure systems, tests security products/systems to detect computer and information security weakness.
• Generates security architecture documentation.
• Provides critical written and verbal analyses of previously generated security architecture documentation and vulnerability and risk assessments.
• Develop and implement documentation to satisfy NIST 800-53, and Risk Management Framework (RMF) requirements. Designs and implements Plans of Action and Milestones (POAM) to remediate findings from vulnerability and risk assessments. Provides information assurance for digital information, ensuring its confidentiality, integrity, and availability. Responsibilities include monitoring and testing of IT systems for vulnerabilities and indications of compromise, incident response and remediation, and compliance with applicable government and other external standards.

Qualifications

Minimum Skills and Qualifications:

• Must have a Bachelor’s Degree in a Technical field (i.e., Information Technology, Information Systems, Computer Science.)
• Must obtain/maintain a CISSP, or Security certification within 120 days of starting.
• Must have an active TS/SCI with CI Poly Security Clearance (US Citizenship required.)
• Must have at least 5 years of interpreting and implementing DoD directives, instructions, and policies that provide direction and guidance and applying them to CE and NE.
• Knowledge of the Assessment & Authorization (A&A), and NIST RMF processes.
• Experience with hands-on Linux, installing, maintaining, administering, and troubleshooting computer systems and networks, DevOps.
• Experience with network security architecture to include, but not limited to firewalls, intrusion detection/prevention systems (IDS/IPS), content filtering devices, encryption devices, cross domain solution (CDS) and DoD Public Key Infrastructure (PKI.)

Preferred Skills:

• Familiar with scanning tools (e.g., Rapid 7, Nessus, etc.)
• Technical Writing experience (creating/updating IA policy & procedure documentation.)
• Excellent written and verbal communication skills with strong presentation abilities.
• Must be able to work well on independent engagements as well as within a team setting; Strong client presence and interaction abilities.
• Excellent understanding of common computing platforms, RedHat Linux Server, and vendor specific appliance support.

Criterion Systems, Inc. and its subsidiaries are committed to equal employment opportunity and non-discrimination at all levels of our organization. We believe in treating all applicants and employees fairly and make employment decisions without regard to any individual’s protected status: race, ethnicity, color, national origin, ancestry, religion, creed, sex/gender, gender identity/gender expression, sexual orientation, physical and mental disability, marital/parental status, pregnancy (including childbirth, lactation, and related medical conditions), age, genetic information (including characteristics and testing), military and veteran status, or any other characteristic protected by law. For our complete EEO/AA and Pay Transparency statement, please visit https://careers-criterion-sys.i