Information Security Systems Manager (ISSM)

Riverside Research is an independent National Security Nonprofit dedicated to research and development in the national interest. We provide high-end technical services, research and development, and prototype solutions to some of the country’s most challenging technical problems.

JOB NUMBER: 1065

The candidate must be an accomplished Information Assurance (IA) professional with the experience and understanding of information technology and information security, ability to prioritize tasks, and coordinate between multiple constituents while ensuring the information systems remain accredited by meeting the stipulations of each information systems Authority to Operate (ATO).   The candidate must have a prove record of effectively managing small teams and projects to successful completion in a complex environment.   Special Access Program (SAP) clearance is required for this role.
 

All Riverside Research opportunities require U.S. Citizenship.

Job Responsibilities:

• Develop and maintain a formal information system security program and policies
• Develop and oversee operational information systems security implementation policy and guidelines
• Ensure the Information System Security Officer (ISSO) is appointed in writing and provide oversight to ensure that the ISSO follows established information system policies and procedures
• Manage System Administrators to ensure that maintenance of information systems, including the installation and updating of approved software, patches, and firmware, is performed
• Manage small team delivering IT security support services to multiple stakeholders in a complex security environment
• Oversee and directly support team executing IT tasks to completion for stakeholders
• Ensure quality control for requests and task delivery to customers
• Ensure security posture evaluation is conducted at regular intervals, using appropriate monitoring, validation and testing process, procedures, and tools.  Document results and report status.  Lead any deficiency or vulnerability mitigation/remediation actions to successful and timely completion.
• Ensure approved procedures are used for sanitizing and releasing components and media
• Maintain a repository of all organizational and system-level cybersecurity-related documentation (including ATOs) for all information systems
• Coordinate all information security inspections, tests, and reviews
• Ensure all vulnerability and incident response processes and procedures are documented, updated and maintained, and followed.
• Ensure proper measures are taken when an incident or vulnerability is discovered.  Follow up on any and all reporting requirements and mitigation/remediation actions.
• Verify development and implementation of an effective information security education, training, and awareness program
• Coordinate any modifications to the information systems with the appropriate Authorizing Official (AO) prior to the change
• Serve on the Configuration Control Board (CCB) with vetoing authority to any proposed changes that are deemed detrimental to the security of the information system
• Maintain a working knowledge of system functions, security policies, technical security safeguards, and operational security measures
• Oversee, manage, maintain, and execute the information security continuous monitoring plan
• Maintain a record of all security-related vulnerabilities and coordinate serious or unresolved violations are reported to the AO
• Assess changes to the system, its environment, and operational needs that could affect the security authorization
• Maintain the required certifications that meet DoD 8570 requirements
• Plan and manage small IT/IT security projects to timely and successful completion
• Maintain regular and effective communication with internal team, Program Manager, and customer technical and leadership stakeholders
• Effectively communicate timelines, risks, and other relevant project and task status information to both technical and leadership stakeholders
• Manage meeting outcomes to completion
• Identify and define relevant and effective Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) for project and task status within scope of responsibility
• Develop effective status report products for meetings to communicate KPI/KRIs to stakeholders
• Other duties as directed

Required Qualifications:

• Bachelor’s degree in related fields or relevant years of experience 
• Active Top Secret Security Clearance
• COMPTIA Security+ certification or DoD 8570 IAM Level I equivalent certification
• Experience obtaining and maintaining accreditation
• 5+ years of experience in IA
• Experience supervising/managing a team
• Experience in managing small IT or Security projects
• Working knowledge of NIST 800-53 (RMF)
• Excellent written and verbal communication skills
• Effective organizational and leadership skills
• Effective communication skills and ability

Desired Qualifications:

• Bachelor’s degree in Management Information Systems (MIS) or Information Technology
• ISC2 CISSP Certification or equivalent (DoD 8570 IAM Level II)
• SCI Eligible
• Project management experience (e.g., PMP)

Riverside Research does not mandate COVID vaccination as a condition of employment. However, proof of vaccination or negative test may be required to enter certain government facilities and sites. Vaccination requirements will depend on the status of the federal contractor mandate and customer site-specific requirements. To protect the health and safety of its employees, their families, and to comply with customer requirements, the company requires all employees to disclose vaccination status (upon hire). 

Riverside Research strives to be one of America's premier providers of independent, trusted technical and scientific expertise. We continue to add experienced and technically astute staff who are highly motivated to help our DoD and Intelligence Community (IC) customers deliver world class programs. As a not-for-profit, technology-oriented defense company, we believe service to customers and support of our staff is our mission. Our goal is to serve as a destination company by providing an industry-leading, positive, and rewarding employee experience for all who join us. We aspire to be a valued partner to our customers and to earn their trust through our unwavering commitment to achieve timely, innovative, cost-effective and mission-focused solutions.

All positions at Riverside Research are subject to background investigations. Employment is contingent upon successful completion of a background investigation including criminal history and identity check.

Our EEO Policy
Riverside Research is an equal opportunity employer. We recruit, employ, train, compensate and promote without regard to race, religion, sex, color, national origin, age, gender identity, sexual orientation, marital status, disability/veteran, status as a protected veteran, or any other basis protected by applicable federal, state and local law.

If you need assistance at any time in our application or interview process, please contact Recruiting at email Recruiting@RiversideResearch.org. A member of the Recruiting team will be available to assist.

This contractor and subcontractor shall abide by the requirements of 41 CFR 60-741.5(a). This regulation prohibits discrimination against qualified individuals on the basis of disability and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified individuals with disabilities.

This contractor and subcontractor shall abide by the requirements of 41 CFR 60-300.5(a). This regulation prohibits discrimination against qualified protected veterans and requires affirmative action by covered contractors and subcontractors to employ and advance in employment qualified protected veterans.

For more information on "EEO is the Law," please visit:
http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf

https://www.dol.gov/sites/dolgov/files/ofccp/regs/compliance/posters/pdf/eeopost.pdf