We are seeking a Risk Management Framework (RMF) Technical Writer Mid to support our Department of Transportation (DoT) customer. The candidate will support the development and maintenance of security documentation required for the annual assessment and authorization process, standard operating procedures, policies, and security instructions for DOT information systems. Once hired the person will provide support in the following areas:

• Work closely with cybersecurity team to Reviewing and finalizing information system core security and privacy documentation in preparation for Assessment and Authority to Operate (ATO).

```{=html}

``` - Review and edit materials for clarity, grammar, and punctuation - Translate complex cybersecurity concepts into clear, concise, and reader-friendly content - Review for compliance with DOT and Federal cybersecurity policies - Ensure the DOT enterprise information security management system, Cyber Security Assessment and Management (CSAM), accurately contains required information and supporting artifacts. - Provide project support and coordination with functional teams to gather documentation and support draft responses for audits or evaluations. - Responsible for updating the organizations ATO security documentation templates to maintain compliance with DOT and NIST cybersecurity policies and procedures. - Candidate will be expected to remain aware of current DOT Cybersecurity policies, NIST Special Publications, DoD Cybersecurity Instructions, and Cybersecurity best practices - Assist the organization in recording all known security weaknesses of assigned information systems in the Plans of Action and Milestones (POAandMs) in accordance with DOT policy, guides and procedures. This includes developing POAandMs for observed control level deficiencies or gaps in control implementation. - Track changes to FISMA systems between ATOs and update security and privacy documentation accordingly.

Core documentation includes:

• PTAs and other privacy docs, FIPS 199 Security Categorization document, control selection listing, System Security Plan (SSP), Information System Configuration Management Plan, and Account Management Plan, information system contingency plan (ISCP), and Business Impact Analysis (BIA). Also ensure contingency plan test exercises results are documented in an after-action report, and Lessons Learned corrective actions are captured for updating information in the ISCP. Work closely with cybersecurity team to create and update technical documentation.

Required Experience, Education, Skills and Technologies

• 7 years as a Technical Writer in cybersecurity
• Very careful attention to detail and ability to proofread effectively
• Excellent written and verbal communication skills
• Strong ability to multitask
• Able to simplify and explain complex cybersecurity concepts
• Understanding of NIST cybersecurity principles, technologies, and best practices
• Strong research and analytical skills
• Can grasp complex ideas, particularly as they relate to information technology and cybersecurity
• Have ability to learn DOT cybersecurity terms and organizational structure, understand causal relationships, and can distinguish relevant from irrelevant data.
• BSc degree in Computer Science, Information Security, Technical Writing or a related field

Preferred Experience, Education, Skills and Technologies

• 5 years as a Technical Writer supporting RMF
• Knowledge of Federal cybersecurity guidance and NIST 800 series

Security Clearance Level

Must possess or be able to obtain a DOT Public Trust clearance.

Certification

Desired: Certified Information Systems Security Professional (CISSP) or CompTIA Advanced Security Practitioner Study (CASP)

Work Schedule

Hybrid. On-site once a week at a minimum (Tuesdays).

Pay Rate (required for positio s in states that have a salary transparency law only)

The projected compensation range for this position is $100,000 - $135,000. Please note that the salary information is a general guideline only. Criterion Systems considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/ training, key skills as well as market and business considerations when extending an offer.

Benefits Offered

Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, 401(k) match, Tuition/Training Assistance, Parental Leave, Paid Time Off, and Holidays.

Criterion Systems, LLC and its subsidiaries are committed to equal employment opportunity and non-discrimination at all levels of our organization.We believe in treating all applicants and employees fairly and make employment decisions without regard to any individuals protected status: race, ethnicity, color, national origin, ancestry, religion, creed, sex/gender, gender identity/gender expression, sexual orientation, physical and mental disability, marital/parental status, pregnancy (including childbirth, lactation, and related medical conditions), age, genetic information (including characteristics and testing), military and veteran status, or any other characteristic protected by law. For our complete EEO/AA and Pay Transparency statement, please visithttps://careers-criterion-sys.icims.com/{rel="noopener" target="_blank"}