Riverside Research Corporate Information Systems Security Manager in New York, New York

2018-004-INF: Corporate Information Systems Security Manager
DirectorateInformation Technology
Riverside Research strives to be one of America's premier providers of independent, trusted technical and scientific expertise. As we continue to add experienced, technically astute staff, we are looking for highly motivated, talented team members that can help our DoD and Intelligence Community (IC) customers continue delivery of world class programs. As a not-for-profit, technology-oriented Defense Company, we believe service to customers and support of our staff is our mission. Our goal is to serve as a destination company by providing an industry-leading, positive, and rewarding employee experience for all who join us. We aspire to be a valued partner to our customers and to earn their trust through our unwavering commitment to achieve timely, innovative, cost-effective and mission-focused solutions.
Riverside Research strives to be one of America's premier providers of independent, trusted technical and scientific expertise. As we continue to add experienced, technically astute staff, we are looking for highly motivated, talented team members that can help our DoD and Intelligence Community (IC) customers continue delivery of world class programs. As a not-for-profit, technology-oriented Defense Company, we believe service to customers and support of our staff is our mission. Our goal is to serve as a destination company by providing an industry-leading, positive, and rewarding employee experience for all who join us. We aspire to be a valued partner to our customers and to earn their trust through our unwavering commitment to achieve timely, innovative, cost-effective and mission-focused solutions.Riverside Research is seeking a Corporate Information Assurance Officer to lead Riverside Research's Information Technology Security Program, to include Assessment & Authorization (A&A) requirements across the enterprise. This position functions as the corporate ISSM, responsible for the development and oversight of a comprehensive information assurance (IA) program as identified in applicable customer requirements to include NISPOM, ICD 503/CNSSI 1253, DFARS, NIST 800-53, NIST 800-171, etc. This is a full-time position with the location TBD (Beaver Creek OH, Boston MA, Arlington VA or Centreville VA)
Job Responsibilities:
* Corporate ISSM overseeing A&A activities for all classified systems at various Riverside Research offices
* Program Manager for DoD-Defense Industrial Base Collaborative Information Sharing Environment (DCISE)
* Lead IA specialist for implementation of NIST 800-171 IA controls for CUI and DFARS requirements
* Initiate and follow through completion, Risk Management Framework (RMF) packages for enterprise architectures in accordance with NISPOM/DAAPM, ICD 503/CNSSI 1253, JSIG, NIST 800-53 and NIST 800-171 requirements
* Create and maintain A&A packages, System Security Plans (SSPs), Risk Assessment Reports (RARs), Security Controls Traceability Matrices (SCTMs) and Plans of Action & Milestones (POA&Ms) for all classified systems
* Establish and administer appropriate security systems, policies, standards, and procedures in compliance with applicable government and corporate directives, guidelines, and contractual obligations
* Conduct analysis and assessment of the security control assessment guidance, procedures, and templates, ensuring correct and uniform implementation of the new RMF based assessment processes
* Configure and validate information system compliance using DISA STIGs, SCAP Compliance Checker (SCC) and STIG Viewer
* Conduct regular audits/CM in accordance with government customer requirements
* Provide technical and professional leadership to IT support personnel, provide oversight for all classified system compliance and conduct self-assessments at multiple Riverside Research offices
* Provide system administration and information assurance support to corporate ISSM's
* Provide CM for security-relevant information system software, hardware and firmware
* Develop, implement and deliver applicable IT security training to all employees in accordance with NISPOM Chapter 8, cyber threat intelligence data and current cybersecurity trends
* Investigate information system security violations and prepare reports with corrective actions and preventative measures. Responsible for the development and oversight of the corporate cyber security program. Makes recommendations regarding tools, trend analysis and applicable network countermeasures
* Develops and maintains applicable IT Security policies and directives
* Provides support to the Director of Security with the implementation of the Insider Threat Program and other applicable policies as necessary
* Interfaces directly with Defense Security Service (DSS) to conduct AIS security inspections, tests, and reviews
* Guarantee system security requirements are addressed during all phases of system life cycle
* Ensures system security assessments and audits are completed and documented
* Certify that all AIS authorization documentation is current and accessible to authorized individuals
* Other duties as assigned
Qualifications:
In order to qualify for this position, your resume must provide sufficient experience and/or education, knowledge, skills, and abilities, to perform the duties of the specific position for which you are being considered.
* Must hold an active Top Secret security clearance with SCI eligibility
* Master's degree with five (5) years' relevant experience, or Bachelor's degree with seven (7) years' relevant experience, or without a degree, ten (10) years of information assurance experience, preferably as an ISSO/ISSM/IAM
* Experience with NIST 800-53 and Risk Management Framework (RMF) based accreditations. Experience with intelligence community (ICD 503/CNSSI 1253), SAP (JSIG) and DSS (NISPOM/DAAPM) preferred
* Experience to include working in a classified environment consisting of Collateral, SCI and/or SAP required
* Experience with handling /managing COMSEC assets and inventory process
* Experience with DISA Security Technical Implementation Guides (STIGs), SCAP Compliance Checker (SCC) and STIG Viewer preferred
* Knowledge of computer operating systems (Windows, Linux)
* Experience developing standard operating procedures and system security plans
* Self-motivated and possess good written, verbal, listening and presentation skills
* Strong customer service, leadership and team building skills
* Organizational skills to include: attention to detail, time management and ability to multitask
* Certification Requirements: Current DoD 8570.1-M IAM Level 1 certification required. Certified Information Systems Security Professional (CISSP) preferred.
All positions at Riverside Research are subject to background investigations. Employment is contingent upon successful completion of a background investigation including criminal history and identity check.This contractor and subcontractor shall abide by the requirements of 41 CFR 60-741.5(a). This regulation prohibits discrimination against qualified individuals on the basis of disability, and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified individuals with disabilities.This contractor and subcontractor shall abide by the requirements of 41 CFR 60-300.5(a). This regulation prohibits discrimination against qualified protected veterans, and requires affirmative action by covered contractors and subcontractors to employ and advance in employment qualified protected veterans.

Riverside Research is an equal opportunity employer. We recruit, employ, train, compensate, and promote without regard to race, religion, creed, color, national origin, age, gender, sexual orientation, marital status, disability, veteran status, or any other basis protected by applicable federal, state and local law.