FirstBank Jobs

We are seeking a mission-focused Cyber Risk Management Analyst/Information Assurance Analystto perform cybersecurity risk assessment support for for a high visibility customer. The primary focus will be on identifying and evaluating potential data security risks and vulnerabilities within their systems and developing effective mitigation strategies.

This role is hybrid and requires 3 days a week on-site in Washington, DC.

Duties, Tasks and Responsibilities

• Conduct thorough risk assessments for Government-developed, procured, and potentially acquired applications and/or services. This includes evaluating system interconnections, waivers, Plan of Action and Milestones (POAandMs), and other relevant factors.
• Ensure compliance with relevant regulations, standards, and policies by conducting assessments and authorizations.
• Develop risk assessment reports that can be presented to senior executives, highlighting features, functionality, interoperability, and other critical aspects.
• Identify and recommend appropriate security measures to mitigate identified risks. Collaborate with offices such as Cloud Application Security, Data Governance, and others to incorporate their findings into the risk assessment package.
• Perform data security risk assessments in support of the Request for New Solution process.
• Evaluate critical controls, both FEDRAMP and non-FEDRAMP, as well as features and functionality to develop data security risk assessments.
• Collaborate with relevant stakeholders to ensure the implementation of effective controls and recommend enhancements or improvements as necessary.
• Support continuous monitoring (CONMON) for non-FedRAMP applications.
• Manage and maintain 3rd party risk monitoring tool. Set up accounts, alerts, add new applications, compile security reports, etc.
• Manage and maintain an internal risk assessment tracking system; add new applications needed.

Required Experience, Education, Skills and Technologies

• Bachelors degree in Computer Science, Cybersecurity, Computer Engineering or Information Technology or related degree.

• Active DoD TS/SCI Clearance or TS with SCI eligibility

• 4+ years of experience including proven experience in a similar role supporting the Federal Government.

• Prior experience conducting security risk assessments for IT systems, applications, or services within a Government environment

• Solid knowledge of cybersecurity frameworks, standards, and best practices such as NIST, FISMA, FedRAMP, etc.

• Strong problem-solving abilities and attention to detail.

• Excellent written and verbal communication skills, with the ability to explain technical concepts to non-technical stakeholders.

Preferred Experience, Education, Skills and Technologies

• None

Security Clearance Level

• Minimum TS/SCI

Certification

• DoD 8570 IAT II Certification or higher (e.g., Security+, CCNA Security, CySA+, GICSP, GSEC, CND, SSCP) https://public.cyber.mil/cw/cwmp/dod-approved-8570-baseline-certifications

Work Schedule

• Full-time hybrid on-site 3 days/week

Benefits Offered

• Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, 401(k) match, Tuition/Training Assistance, Parental Leave, Paid Time Off, and Holidays.

Criterion Systems, LLC and its subsidiaries are committed to equal employment opportunity and non-discrimination at all levels of our organization.We believe in treating all applicants and employees fairly and make employment decisions without regard to any individuals protected status: race, ethnicity, color, national origin, ancestry, religion, creed, sex/gender, gender identity/gender expression, sexual orientation, physical and mental disability, marital/parental status, pregnancy (including childbirth, lactation, and related medical conditions), age, genetic information (includ ng characteristics and testing), military and veteran status, or any other characteristic protected by law. For our complete EEO/AA and Pay Transparency statement, please visithttps://careers-criterion-sys.icims.com/.{rel="noopener" target="_blank"}