FISMA Support Analyst

Alexandria, VA

At Criterion Systems, we developed a different kind of business—a company whose real value is a reputation for excellence built upon the collective skills, talents, perspectives, and backgrounds of its people. By accepting a position with Criterion Systems, you will join a group of professionals with a collaborative mindset where we share ideas and foster professional development to accomplish our goals. In addition to our great culture, we also offer competitive compensation and benefit packages, company-sponsored team building events, and advancement opportunities. To find out more about how Criterion can help you take your career to the next level please visit our website:

The National Science Foundation Cyber Security and Privacy (CS&P) Services contract team supports a layered, defense-in-depth cyber security environment that provides successive cyber security controls for approximately 2,500 employees at the Alexandria, Virginia Headquarters and additional employees at other locations. The CS&P Services Team is responsible for a comprehensive, agency-wide Cyber Security Program that encompasses all aspects of cyber security. Strategic objectives for the CS&P Services contract are: data loss prevention; improved network and system security; risk-based management; security incident management; and cyber security training and awareness.

The NSF is seeking a FISMA support analyst. This includes collecting and analyzing the NSF FISMA data, organizing working group meetings, developing and distributing reports, reporting to management, and developing weekly status reports. The team must also coordinate with Privacy, Risk Management, and Capital Planning and Investment Control (CPIC) to ensure all FISMA requirements are in alignment.

Job Responsibilities

  • Facilitate and support quarterly and annual FISMA reporting activities
  • Assist in the development of demonstration aids and analytics regarding data collected from various data sources
  • Populate and distribute internal FISMA repositories, develop internal and external communications and support responding to all related inquiries
  • Provide strategic consultation to DIS leadership regarding FISMA requirements
  • Identify strategic initiatives/priorities for customer and engage with team members appropriately to ensure team priorities are aligned with customer goals
  • Participate in outreach activities with DIS to provide the appropriate support to those NSF organizations to mature their FISMA-related operations
  • Perform in-depth analyses of reported data from the NSF organizations to assess accuracy, integrity, gaps, and weaknesses
  • Maintain FISMA standard operating procedures (SOP) to be reflective of current processes, tools and requirements
  • Provide logistical and administrative support and materials for meetings
  • Perform ad hoc tasks, as requested (e.g. data calls, etc.)
  • Meet customer deadlines while maintaining a high level of quality

Minimum Requirements

  • US Citizenship
  • Ability to pass a background check and obtain a public trust
  • B.A. or B.S. in related field and seven years of information assurance services experience. Four of the seven years of experience shall be in a lead security design or technical task/program leadership position. B.A. or B.S. may be substituted with 4 years of professional Information Assurance services experience. Active/Current professional certifications obtained through ISC2 or ISACA, such as a CISSP, CISA or CISM certification.
  • Experience shall be in a related security technology or discipline such as security assessments (planning & compliance, architecture, audits, risk & vulnerability identification), creating and implementing security concepts and policy, encryption technology, firewall technology, information protection and/or security training and awareness.
  • Awareness of current information security issues and the ability to interpret the requirements of relevant policies and standards set forth in NIST documentation, specifically, 800-37, 800-53A, FIPS-199/200, and 800-30.
  • Knowledge of NIST with regard to how it applies to FISMA reporting.
  • Strong verbal and written communication skills are required. The ability to interact effectively with various levels of senior management is necessary. Candidates must possess strong client interfacing and interpersonal skills. Candidates must be fluent in the English language.
  • Ability to translate tactical issues and address them from a strategic perspective.
  • Ability to function in a fast-paced environment and effectively manage multiple tasks simultaneously; coordinating resources and ensuring scheduled goals are met.
  • Ability to assess and weigh current and evolving security risks in an operational environment.
  • Proven problem management skills with the ability to think critically. Must be able to leverage technology and apply critical thinking to gather, aggregate, and analyze data, and present results to senior clients.
  • Ability to work effectively in a team management environment and participate in collaborative
  • Foster collaborative team approach – interacts well with front line and senior management providing consultation and expert advice on information security related topics.
  • Strong presentation and consulting skills.
  • Must be able to develop meeting agendas and materials, capture meeting minutes as well as facilitate meetings with the client as appropriate.

Criterion Systems is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit



Criterion offers comprehensive health benefits including medical, dental, vision, life and disability insurance. Most of our plans are available at no cost for employee only coverage.

Time Off

Employees begin accruing PTO at 15 days per year and acquire more based on seniority. In addition to PTO, Criterion provides 10 holidays and bereavement, military, jury duty, and family medical leave.


  • Roth and Traditional 401(k) Plans with company matching contributions
  • Health Care and Dependent Care Flexible Spending Accounts
  • Health Savings Accounts
  • Commuter Benefits


All employees are eligible to use up to $3,000 annually for approved professional development, including trainings, memberships, seminars, and degree programs.

Equal Employment Opportunity and Affirmative Action Employer

Criterion Systems, Inc. is committed to equal employment opportunity and non-discrimination at all levels of our organization. We believe in treating all applicants and employees fairly and make decisions without regard to an individual’s protected status: race/ethnicity, color, national origin, ancestry, sex/gender, gender identity/expression, sexual orientation, marital/parental status, pregnancy/childbirth or related conditions, religion, creed, age, disability, genetic information, veteran status, or any other protected status.

Know Your Rights

Applicants have rights under Federal Employment Laws: Family and Medical Leave Act | Equal Employment Opportunity | Employee Polygraph Protection Act. Criterion participates in E-Verify. Review Right to Work information.

Need an Accommodation?

Criterion is committed to Equal Employment Opportunity and providing reasonable accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for a position with Criterion and need special assistance or an accommodation to apply, please send an email with your request to or call us at 703-942-5800. Determinations on requests for reasonable accommodation are made on a case-by-case basis.