Assessment and Authorization Lead NNSA Washington, DC, Washington, DC, US
Information Technology (IT)
Strategy - Planning
8 months ago
Requisition ID: 1502
At Criterion Systems, we developed a different kind of business—a company whose real value is a reputation for excellence built upon the collective skills, talents, perspectives, and backgrounds of its people. Our differentiators: employee-owned Federal government IT services contractor founded in 2005; high employee retention rate because of excellent benefits and a focus on job flexibility and work/life balance; leadership team comprised of individuals who have successfully built and run businesses and are involved in day-to-day operations. We have grown our workforce each year for the past seven years with annual growth of at least 30% in the past four years! Our employees are the most valuable assets. Are you ready to be appreciated?
Criterion Systems, Inc., is seeking an Assessment and Authorization Lead to support a government customer in Northern Virginia.
Once hired, you will be responsible for overseeing all aspects of the Assessment and Authorization team. Day-to-day duties will include:
Provide assistance to the system owner in developing and updating application documentation, including System Security Plans and supporting documents, a completed Security Categorization Form, and E-Authorization requirements
Address open findings (POA&Ms) that were identified in ATOR for all systems on time and provide no less than quarterly updates (or as required)
Enter POA&Ms into Remedy for tracking and coordination of the resolution
Complete the annual requirements for all systems
Conduct annual CP Tests per NIST publication 800-34 and any additional agency specific guidelines
Conduct Annual Control Assessments (ACA)
Conduct necessary activities to ensure the system remains within its accredited security posture
Maintain Privacy Impact Assessment (PIA), System Categorization Form (SCF), E-Authentication Risk Assessment (eRA), and Information Technology Asset Baseline (ITAB/iMATRIX) based on the changes to the application
Complete an A&A when a planned change to the system has a security impact: a Target A&A if the current ATO is amended, or a Full A&A if a new ATO date is awarded
Determine impact of all changes
Participate in all Security Team governance activities, including but not limited to Enterprise Change Management (ECM) / SDLC Stage Gate Review (SGR) meetings, and provide information on the impact of planned changes
Process any system retirement memos
Conduct advanced penetration testing at all levels
Conduct static (manual and automated) and dynamic code reviews
Provide strategy for and oversee the vulnerability assessment process
Active Secret Clearance or higher (prefer Top Secret clearance)
Minimum of 10 years of cybersecurity experience in NIST A&A policy
Requires extensive knowledge of A&A policy, procedures, and processes, including Federal requirements, NIST 800-57, 800-53 and RMF
Bachelor's degree in Computer Science or related discipline
One of the following certifications: CAP, CISSP, OCP, or COBIT
Criterion Systems is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class.
Criterion is an industry-recognized Cybersecurity and IT leader. In the last two years, we have almost tripled our revenue and total staff strength as a result of organic growth across our current contracts supporting agencies such as the Department of Energy (DOE) and recent contract awards with new customers including the United States Department of Agriculture (USDA) National Information Technology Center (NITC), and the Department of Commerce.
In 2017, we were recognized on the prestigious Inc. 5000 List as one of the fastest-growing private companies in America and we won the Moxie Award in the Cybersecurity Category.
Would you like to be part of this exciting organization? Please consider applying to one of our open positions.
Working at Criterion
As a service company, our employees are our most valuable asset. We have an Employee Outreach and Retention program centered on communications, camaraderie, recognition, and career tracks.
The program includes:
• Quarterly All Hands meetings
• Quarterly happy hours
• Team lunches
• Quarterly and annual awards to celebrate employee achievements
Criterion is currently looking for motivated individuals to join our team to support our clients across the government at federal civilian agencies like the Department of Energy (DOE), Department of Defense (DoD), and the Intelligence Community (IC).