Overview

At Criterion Systems, we developed a different kind of business—a company whose real value is a reputation for excellence built upon the collective skills, talents, perspectives, and backgrounds of its people. By accepting a position with Criterion Systems, you will join a group of professionals with a collaborative mindset where we share ideas and foster professional development to accomplish our goals. In addition to our great culture, we also offer competitive compensation and benefit packages, company-sponsored team building events, and advancement opportunities. To find out more about how Criterion can help you take your career to the next level please visit our website: www.criterion-sys.com.

Responsibilities

Criterion Systems is seeking a Data Security Engineer to be part of a newly awarded contract. You will work with a dynamic team of professionals that are responsible for providing Cybersecurity support and expertise in data security policy development, risk assessment, and data security auditing. 

As the Data Security Engineer, you will be responsible for working with the Government to develop and implement a data classification and auditing policy, which includes establishing a Cloud Critical Controls Standard that adapts FedRAMP recommendations and federal regulatory requirements to meet agency-specific needs.

As new cloud solutions are identified, you will perform detailed Data Security Risk Assessments to review data stored in and transmitted through the solution, identify and classify risks, and present mitigation strategies. Specifically, you will evaluate whether effective data security controls and policies are in use (e.g., access controls, encryption capabilities, data retention, records management, and privacy policies).

Additionally, you will be responsible for establishing a data security risk auditing program and developing tailored audit plans for each specific system. Following these audit plans, you will be responsible for performing audits of the application portfolio to validate proper data retention polies exist, that data is properly encrypted, and that it is permissioned appropriately.

As you review existing data security policies and applications, you will continuously evaluate existing application security policies and toolsets and recommendations to improve efficiency through simplified processes and increased automation.

This role requires an Active TS/SCI Clearance prior to onboarding. The work location will be at the customer-site in Washington, DC. 

Qualifications

Minimum Qualifications and Experience:  

• BA/BS Degree in Information Technology, Cybersecurity, or a related field (6 years additional experience may be substituted for a degree) 

• 10 years of experience including hands on knowledge and experience performing application security assessments 
• Extensive hands-on experience performing cloud data security assessments in Federal Government environments.
• Specific experience analyzing data security controls in custom Salesforce applications is strongly preferred 
• Demonstrated knowledge of data security policies and associated application and system configurations 
• Understanding of Federal Records Act (FRA) and Presidential Records Act (PRA) requirements

• Experience drafting and/or supporting the development of cybersecurity policies in Federal Government environments
• Excellent verbal and written communication skills
• DoD 8570 IAT III Certification or equivalent
• Active TS/SCI clearance 

Criterion Systems, Inc. is committed to equal employment opportunity and non-discrimination at all levels of our organization. We believe in treating all applicants and employees fairly and make employment decisions without regard to any individual’s protected status: race, ethnicity, color, national origin, ancestry, religion, creed, sex/gender, gender identity/gender expression, sexual orientation, physical and mental disability, marital/parental status, pregnancy (including childbirth, lactation, and related medical conditions), age, genetic information (including characteristics and testing), military and veteran status, or any other characteristic protected by law. For our complete EEO/AA and Pay Transparency statement, please visit https://careers-criterion-sys.icims.com/.