Criterion Systems Senior Cybersecurity Policy Analyst in Alexandria, Virginia

At Criterion Systems, we developed a different kind of business—a company whose real value is a reputation for excellence built upon the collective skills, talents, perspectives, and backgrounds of its people. Our differentiators: employee-owned Federal government IT services contractor founded in 2005; high employee retention rate because of excellent benefits and a focus on job flexibility and work/life balance; leadership team comprised of individuals who have successfully built and run businesses. We have grown our workforce each year for the past seven years with annual growth of at least 30% in the past four years! Our employees are the company’s most valuable assets. Are you ready to be appreciated?

Criterion Systems’ rapid growth and a recent win has created the need forSenior Cybersecurity Policy Analystbased at our Government customer’s location in Alexandria, Virginia.

PRIMARY RESPONSIBILITIES:

This position will be a member of the Oversight and Compliance Team with the responsibility of performing as a Senior Cybersecurity Policy Analyst along with some privacy oversight.

  • Facilitate in the development and approval of Information Assurance (IA) and Cyber Security documentation, including directives, policies, standards, processes, and procedures, incorporating federal mandates as required

  • Create, update, and enhance privacy and cybersecurity strategies, plans and procedures to continuously strengthen the customer’s IT security posture

  • Collaborate in the development and maintenance of customers IT privacy and cyber security policies and procedures in accordance with Federal mandates

  • Disseminate updated and approved policies, procedures, and handbooks in a manner to encourage proper implementation

  • Provide architecture guidance to the Government customer system owners, participate in IT privacy and cyber security meetings and briefings and support Information Systems Security Officer (ISSO) briefings as required

  • Assist the ISSO, Privacy lead and CIO in prioritizing cyber security activities and identifying criteria for monitoring results

  • Provide audit support (e.g., OMB A-123, FISMA)

  • Provide support, coordination and input for OMB and DHS data calls

  • Perform feasibility assessments for implementing Federal laws, standards and cybersecurity programs; resulting in a documented report discussing the benefits and Return on Investment of the implementation

  • Provide policy expertise and support in cyber security and privacy waiver/exception requests and policy inquiries

  • Update a Policy SharePoint site for the customer

  • Conduct surveys and reports of historical policy impacts from incident logs, provide feedback to the client, and assist in the initiation of new policies and procedures

  • Prepare recommendations, oral and written briefings, white papers, and assessment reports

  • Conduct analysis and develop cybersecurity recommendations based on emerging issues

  • Maintain situational awareness of significant cyber-related policy issues affecting the United States Government, and provide concise, actionable communication on emerging issues to the customer

  • Perform analysis and critical thinking, including assessing complex programmatic issues and applying diagnostics to assess risks and propose innovative solutions

  • Identify policy gaps and policy changes required to maintain compliance with Legislation, Executive Orders, OMB Documents, and the customer’s directives

    MINIMUM QUALIFICATIONS AND SKILLS:

  • Bachelor’s Degree or 4 years of work experience to be used in lieu of degree

  • 5+ Years of Experience of policy experience

  • Working knowledge, experience, and expertise with Federal Cybersecurity and Privacy guidance including applicable Federal Information Security Management Act (FISMA), Office of Management and Budget (OMB), National Institute of Standards and Technology (NIST), Department of Homeland Security (DHS), and organization level guidance and requirements.

  • US Citizen eligible for a NACI/Public Trust clearance

    PREFERRED BUT NOT REQUIRED:

  • Security + Certification

  • A + Certification

  • Certified Ethical Hacker

  • Certified Information System Security Professional (CISSP)

  • Certified Information System Auditor (CISA)

  • Certified Information Security Manager (CISM)

  • Certified Information Privacy Professional/Government (CIPP/G)

Criterion Systems is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action-Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class.

    +