Information Systems Security Manager

Riverside Overview

Riverside Research is an independent National Security Nonprofit dedicated to research and development in the national interest. We provide high-end technical services, research and development, and prototype solutions to some of the country’s most challenging technical problems.    All Riverside Research opportunities require U.S. Citizenship.  

Position Overview

The primary purpose of this position is to ensure the RC-135 aircraft and ground information systems (IS) attains and maintains proper security authorization, items delivered to the Government are in the approved formats and configurations, all Risk Management Framework (RMF) documentation and procedures are adequately managed and coordinated with external agencies, ensure procedures at CONUS/OCONUS operating locations meet and maintain appropriate security requirements according to applicable directives and guidance. Lead member of the RC-135 Security Working Group and Configuration Control Board (CCB). Interfaces with Authorizing Officials (AO), mission system Information System Security Officer(s) (ISSO) and Contractor System Administrators (CSA). Supports quick reactions capabilities (QRC) and emerging technology testing.

Responsibilities

Job Description

• Ensure and support RC-135 RMF assessment/authorization (A&A) implementation and execution
• Support the PM/System Owner and provide direction to mission system ISSO(s) and CSAs
• Track, report and coordinate A&A status and issues with the PM/System Owner and AO/DAO.
• Serves as the primary interface between Authorizing Officials, Assessment representatives, industry partners, and program protection personnel
• Prepares and coordinates for assessments, acceptance/certification testing, QRC, and ad hoc testing
• Develops Plans of Actions and Milestones (POA&M) for non-compliance
• Enforces established information security policies and procedures
• Monitor development of the system, information environment, and threats for security-relevant events and configuration changes that affect security posture
• Develop and submit Security Impact Assessments (SIA) for proposed changes as required
• Periodically assesses the quality of security controls implementation against performance indicators as documented in the program Continuous Monitoring Plan
• Ensure that cybersecurity inputs to program acquisition documents (if required) are prepared
• Ensure that the program's contractual documents, such as specifications, statements of work, or Contract Data Requirements Lists (CDRLs) incorporate appropriate cybersecurity language and requirements.
• Ensure that security controls and requirements are properly allocated and documented in design specifications, technical publications and manuals, etc. 
• Ensure that security controls and requirements have been communicated and appropriately resourced by program budget documents and are reflected in the program's requirements database
• Ensure that integrated logistics

 

Qualifications

Reqeuired Qualifications

• A minimum of 8 years of related experience with a bachelor’s degree, 6 years with a master’s degree, a PhD with 3 years’ experience, or equivalent experience is typically required for an employee at this level.
• Possess and maintain a current Top Secret Security Clearance and CI Polygraph
• 3 years of cyber surety/information assurance technology or related area
• Meet and maintain DoD 8570 IAM Level III certification
• Experience with networks, and computer administration management
• Experience with the RMF process and control management within assigned tools such as XACTA
• Proficiency with Microsoft operating systems and Office products
• Proven leadership in problem solving, effective communication and decision making
• Able to provide clear direction and relate effectively with leadership and across services and agencies
• Ability to travel worldwide

Global Comp

$118,165 - $145,000 This represents the typical compensation range for this position based on experience, location and other factors.

Closing Statement

  Riverside Research Institute is a not-for-profit, technology-oriented defense company, where service to our customers and support of our staff is our overall mission. Riverside is an affirmative action-equal opportunity employer and complies with all applicable federal, state, and local laws regarding recruitment and hiring.  Riverside offers comprehensive compensation and benefit packages to our employees. Riverside bases its employment decisions solely on technical experience, qualifications and other job-related criteria related to our organizational purpose as a not-for-profit company, and without regard to race, color, religion, age, sex marital status, sexual orientation, national origin, physical or mental disability, veteran’s status or any other status legally protected by applicable federal, state, and local law.