Vacancy caducado!
Riverside Research is an independent National Security Nonprofit dedicated to research and development in the national interest. With revenues of $125M+, and a staff of more than 630, Riverside Research provides high-end technical services, research and development, and prototype solutions to some of the country's most challenging technical problems. Riverside Research also supports advanced technical education and collaborates widely with university researchers. The company was formed from a respected research laboratory at Columbia University and has a current focus on technical areas including Radar systems, Optics and Photonics, Electromagnetics, Plasma physics, Geoint, Masint, Systems Engineering, and Modeling & Simulation. Riverside Research's open innovation R&D model encourages both internal and external collaboration to accelerate innovation, advance science, and expand market opportunities. In 2015, Riverside Research expanded its facility in Dayton, OH, adding a 30,000 square-foot Open Innovation Center (OIC). The OIC is a collaborative R&D environment that fosters creativity, synergy, and ultimately delivers innovative solutions to current and anticipated challenges. The OIC sets the standard for collaborative innovation and is dedicated to promoting research across the company. Riverside Research has additional research facilities in Boston, MA; New York, NY; Centreville, VA; and Champaign, IL.Job Number: 772 Riverside Research is seeking an Information System Security Manager to administer Riverside Research's TS & SAP programs, to include Assessment & Authorization (A&A) requirements. This position functions as an ISSM, responsible for the development and oversight of a comprehensive information security program as identified in applicable customer requirements to include NISPOM, ICD 503/CNSSI 1253, DFARS, NIST 800-53, NIST 800-171, etc.All Riverside Research opportunities require U.S. Citizenship.
Job Responsibilities:- Create and maintain A&A packages, System Security Plans (SSPs), Risk Assessment Reports (RARs), Security Controls Traceability Matrices (SCTMs) and Plans of Action & Milestones (POA&Ms) for assigned classified systems
- Establish and administer appropriate security systems, policies, standards, and procedures in compliance with applicable government and corporate directives, guidelines, and contractual obligations
- Conduct analysis and assessment of the security control assessment guidance, procedures, and templates, ensuring correct and uniform implementation of the new RMF based assessment processes
- Configure and validate information system compliance using DISA STIGs, SCAP Compliance Checker (SCC) and STIG Viewer
- Conduct regular audits/CM in accordance with government customer requirements
- Provide technical and professional leadership to support personnel, provide oversight for assigned classified system compliance and conduct self-assessments at multiple Riverside Research offices
- Provide CM for security-relevant information system software, hardware and firmware
- Investigate information system security violations and prepare reports with corrective actions and preventative measures.
- Make recommendations regarding tools, trend analysis and applicable network countermeasures
- Interfaces directly with DCSA or other DoD entities to conduct Information System security inspections, tests, and reviews
- Guarantee system security requirements are addressed during all phases of system life cycle
- Ensures system security assessments and audits are completed and documented
- Certify that all Information System authorization documentation is current and accessible to authorized individuals
- Supervisor/mentor Information System Security Officers.
- Other duties as assigned
- Active TS/SCI Security Clearance with polygraph
- Education and Experience ( preferably as an ISSO/ISSM/IAM) :
- Master's degree with five (5) years' relevant experience, or
- Bachelor's degree with seven (7) years' relevant experience, or
- without a degree, ten (10) years of information assurance experience
- Experience with NIST 800-53 and Risk Management Framework (RMF) based accreditations
- Experience to include working in a classified environment consisting of Collateral, SCI and/or SAP
- Knowledge of computer operating systems (Windows, Linux)
- Experience developing standard operating procedures and system security plans
- Certification Requirements: Current DoD 8570.1-M IAM Level 1 certification required.
- Self-motivated and possess good written, verbal, listening and presentation skills
- Strong customer service, leadership and team building skills
- Organizational skills to include: attention to detail, time management and ability to multitask
- Special Access Program experience
- Experience with intelligence community (ICD 503/CNSSI 1253), SAP (JSIG) and DCSA (NISPOM/DAAPM) preferred
- Experience with DISA Security Technical Implementation Guides (STIGs), SCAP Compliance Checker (SCC) and STIG Viewer preferred