Oct 15, 2018

Assessment and Authorization Lead NNSA Washington, DC, Washington, DC, US

  • Criterion Systems
  • Washington, DC, US
Full-Time Defense Engineering Government Information Technology (IT) Other Strategy - Planning

Job Description

Assessment and Authorization Lead

NNSA Washington, DC, Washington, DC, US

8 months agoRequisition ID : 1502

At Criterion Systems, we developed a different kind of business—a company whose real value is a reputation for excellence built upon the collective skills, talents, perspectives, and backgrounds of its people. Our differentiators: employee-owned Federal government IT services contractor founded in 2005; high employee retention rate because of excellent benefits and a focus on job flexibility and work/life balance; leadership team comprised of individuals who have successfully built and run businesses and are involved in day-to-day operations. We have grown our workforce each year for the past seven years with annual growth of at least 30% in the past four years! Our employees are the most valuable assets.  Are you ready to be appreciated?

Criterion Systems, Inc., is seeking an Assessment and Authorization Lead to support a government customer in Northern Virginia.


Once hired you will be responsible for overseeing all aspects of the Assessment and Authorization team.  Day to day duties will include:


  • Provide assistance to system owner in developing and updating application documentation to include System Security Plans and supporting documents, a completed Security Categorization Form, and E-Authorization requirements
  • Address open findings (POA&Ms) that were identified in ATOR for all systems on time and provide no less than quarterly updates (or as required)
  • Enter POA&Ms into Remedy for tracking and coordination of the resolution;
  • Complete the annual requirements for all systems
  • Conduct annual CP Tests per NIST publication 800-34 and any additional agency specific guidelines
  • Conduct Annual Control Assessments (ACA)
  • Conduct necessary activities to ensure the system remains within its accredited security posture
  • Maintain Privacy Impact Assessment (PIA), System Categorization Form (SCF), E-Authentication Risk Assessment (eRA), and Information Technology Asset Baseline (ITAB/iMATRIX) based on the changes to the application
  • Complete an A&A when a planned change to the system has a security impact: Target A&A if amended to current ATO or a Full A&A if award new ATO date
  • Determine impact of all changes
  • Participate in all Security Team governance activities, including but not limited to Enterprise Change Management (ECM), / SDLC Stage Gate Review (SGR) meetings and provide information on impact of planned changes
  • Process any system retirement memos
  • Conduct Advanced penetration testing at all levels
  • Conduct Static (manual and automated) and dynamic codes reviews
  • Provide strategy for and oversee vulnerability assessment process.


 Minimum Qualifications:

  • U.S. Citizenship
  • Active Secret Clearance or higher (prefer Top Secret clearance)
  • Minimum of 10 years of cybersecurity experience in NIST A&A policy
  • Requires extensive knowledge of A&A policy, procedures, and processes, including Federal requirements, NIST 800-57,800-53 and RMF



Preferred Qualifications:

  • Bachelor's degree in Computer Science or related discipline
  • One of the following certifications: CAP, CISSP, OCP, or COBIT




Criterion Systems is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action-Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class





Computer-Network Security,   IT Project Management  



Security Clearance

Active Secret

Apply Now