Student Veterans of America Jobs

Welcome to SVA’s jobs portal, your one-stop shop for finding the most up-to-date source of employment opportunities. We have partnered with the National Labor Exchange to provide you this information. You may be looking for part-time employment to supplement your income while you are in school. You might be looking for an internship to add experience to your resume. And you may be completing your training and ready to start a new career. This site has all of those types of jobs.

Here are a few things you should know:
  • This site is mobile friendly. You do not need a log-in or password to access information.
  • Jobs on this site are original and unduplicated and come from three sources: the Federal government, state workforce agency job banks, and corporate career websites. All jobs are vetted to ensure there are no scams, training schemes, or phishing.
  • The site is refreshed daily to remove out-of-date content.
  • The newest jobs are listed first, so use the search features to match your interests. You can look for jobs in a specific geographical location, by title or keyword, or you can use the military crosswalk. You may want to do something different from your military career, but you undoubtedly have skills from that occupation that match to a civilian job.

Job Information

Criterion Systems Senior Information System Security Specialist in Washington, District Of Columbia

Overview

At Criterion Systems, we developed a different kind of business—a company whose real value is a reputation for excellence built upon the collective skills, talents, perspectives, and backgrounds of its people. By accepting a position with Criterion Systems, you will join a group of professionals with a collaborative mindset where we share ideas and foster professional development to accomplish our goals. In addition to our great culture, we also offer competitive compensation and benefit packages, company-sponsored team building events, and advancement opportunities. To find out more about how Criterion can help you take your career to the next level, please visit our website: www.criterion-sys.com. Criterion Systems is a Military/Veteran Friendly Company; therefore, we encourage Veterans to apply.

Responsibilities

Criterion Systems is seeking a Senior Information Systems Security Specialist to support our Department of Transportation (DoT) customer.

Duties, Tasks & Responsibilities

Once hired, the person will provide support in the following areas:

  • Assess the current state of the Cybersecurity Program, identify areas for improvement, and execute approved recommendations.

  • Working with stakeholders to develop and maintain DOT Modal’s Information System’s core and privacy documentation, in accordance with each phase of the System Development Life Cycle (SDLC) with standardized templates, baseline management with supporting checklists and technical guides, and policies.

  • Provide Information system contingency training for personnel with contingency plan responsibilities focusing on familiarizing them with ISCP roles and teaching skills necessary to accomplish their roles in a system recovery capacity.

  • Provide security support and evaluation to DevOps teams to develop core and privacy documentation, integrating information assurance/security throughout the System Life Cycle Development of major and minor application releases.

  • Ensure the DOT enterprise information security management system, Cyber Security Assessment and Management (CSAM), accurately contains required information and supporting artifacts.

  • Assist DOT Modal in recording all known security weaknesses of assigned information systems in the Plans of Action and Milestones (POA&M’s) in accordance with DOT policy, guides, and procedures. Develop POA&Ms for observed control level deficiencies or gaps in control implementation.

  • Develop and maintain Inventory of Information System Interconnections and review, develop / update Interconnection Security Agreements and MOUs in accordance with NIST 800-47.

  • Provide support for Security Control Assessments for (ATOs)/Continuous Monitoring.

  • Support Security Control Assessments for (ATOs)/Continuous Monitoring by providing response/supporting artifacts at the modal/program level to validate the implementation of controls per NIST/DOT requirements as needed.

  • Audit Support - Provide project support and coordination with functional teams to gather documentation and support draft responses for audits or evaluations.

  • Provide support, as directed by the DOT Modal Information System Security Manager (ISSM), to FRA Community concerning Cybersecurity policies, processes, and procedures; and

  • Perform other activities relating to DOT Modal’s Cybersecurity program as directed by the DOT Modal ISSM

  • Continuous Diagnostics and Mitigation (CDM):

    Work with DOT Modal and DOT stakeholders to implement holistic CDM capabilities across the modal footprint.

  • Analyze threats to identify gaps in current defensive posture.

  • Ensure DOT Modal’s CDM capabilities utilize or tie into departmental CDM capabilities and solutions.

  • Conduct scans and track IOCs and vulnerabilities and communicate those out to DOT and DOT Modal stakeholders to include ISSOs, system owners, DOT SOC (when needed), and others.

  • Configure and execute vulnerability scans enumerating vulnerabilities within DOT Modal FRA internal and external network.

  • Assist in maintaining a current DOT Modal information system endpoint inventory that will include, but is not limited to, all FRA network ranges, assets, groups, and custom groups within the DOT’s Continuous Diagnostic and Mitigation (CDM) tool suite, i.e. BigFix, Nessus and others. Be able to evaluate endpoint migration to and from the operational environment to ensure inventory accuracy and that security tool suites are installed in accordance with the approved baseline.

Qualifications

    Required Experience, Education, Skills & Technologies

  • US Citizenship
  • BS in Cybersecurity or related technical field

  • Ability to work at least one day a week onsite.

  • Must have at least 8 years total information system and network security experience.

  • Expertise in applying standards and guidance from National Institute of Standard Special Publications (NIST SP), Federal Information Processing Standards (FIPS), Federal Information Security Management Act (FISMA), Clinger-Cohen, Patriot Act, Office of Management and Budget (OMB) A-130, and related information system security guidance through ongoing examination and analysis of cybersecurity projects.

  • Expert level knowledge of Federal Privacy Laws, Regulations, Policies, Procedures, and implementation standards

  • Must understand the FISMA assessment and accreditation process and have at least 6 years of experience with the federal government creating and maintaining IT Authorization to Operate (ATO) packages for new systems and interfacing/coordinating with the System Owners (SO), Business Sponsors, System Maintainers, and Developers.

  • Experience with FedRAMP and security analysis of security controls for systems in the cloud.

  • Proficiency with enterprise cybersecurity tools such as: BigFix, Invicti, and Tenable Security Center.

  • Expertise in detecting, mitigating, and troubleshooting security threats to network infrastructure, verifying vulnerability mitigation, and managing security assessments.

  • Expertise in assessing current and emerging technologies, platforms, and applications to help ensure greater security and efficiencies.

  • Must be familiar with CDM capabilities (Network asset management, Identity and Access Management, Network Security Management, Data Protection Management), the tools that support them and how they are deployed within an enterprise.

  • Expert level experience with conducting dynamic web application security testing and database security assessment, scanning and results interpretation.

  • Expert level experience with enterprise security architecture methodologies, concepts, procedures, principles, and tools.

  • Understanding of the principles and security impacts of:

    • Domain structures

    • Network protocols, user authentication, digital signatures, network firewalls, network intrusion detection systems, and intrusion prevention systems.

    • Operating Systems and systems services (Windows Server, Linux/Unix and Active Directory)

  • Must have 3 years of experience in contingency planning and backup and recovery best practices and application of NIST guidance in this area. This includes tabletop and functional tests.

  • Ability to work with customers to assess needs, resolve problems, satisfy expectations; knows products and services.

  • Understanding of the principles, methods, and tools of quality assurance and quality control used to ensure a product fulfills functional requirements and standards.

  • Ability to plan, execute and develop reports for application and network (internal or external) vulnerability analysis and provide technical recommendations to maintain and improve mission functionality.

  • Ability to use security control and privacy control findings and status from assessment and develop POA&M for controls that should be put in place to remediate vulnerabilities.

  • Proficient in Microsoft Office products: Word, Excel, PowerPoint, Visio, Teams, Tableau, and SharePoint.

    Security Clearance Level

  • Public Trust

    Certification

  • Must possess the following verifiable and current Cybersecurity-related certifications.

    • At least one: Certified Information System Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Authorization Professional (CAP) or CompTIA Advanced Security Practitioner (CASP)

    • At least one: Certificate of Cloud Security Knowledge (CCSK), GIAC Cloud Security Automation (GCSA), Azure Certified or other Cloud Certification

    Work Schedule

  • Full-time, hybrid remote

    Pay Rate

  • The projected compensation range for this position is $140,000 - $160,000. Please note that the salary information is a general guideline only. Criterion Systems considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/ training, key skills as well as market and business considerations when extending an offer.

    Benefits Offered

  • Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, 401(k) match, Tuition/Training Assistance, Parental Leave, Paid Time Off, and Holidays.

    Criterion Systems, LLC and its subsidiaries are committed to equal employment opportunity and non-discrimination at all levels of our organization. We believe in treating all applicants and employees fairly and make employment decisions without regard to any individual’s protected status: race, ethnicity, color, national origin, ancestry, religion, creed, sex/gender, gender identity/gender expression, sexual orientation, physical and mental disability, marital/parental status, pregnancy (including childbirth, lactation, and related medical conditions), age, genetic information (including characteristics and testing), military and veteran status, or any other characteristic protected by law. For our complete EEO/AA and Pay Transparency statement, please visit https://careers-criterion-sys.icims.com/.

Job Locations US-DC

ID 2024-3244

Category Information Technology

Type Senior
