RII develops cutting-edge software for the government and military. We use agile development practices and user-centered design to create innovative software solutions for complex real-world problems. We're breaking through the big, slow status quo with transformative technology that fundamentally changes and improves the world.
We are looking for a committed Information Systems Security Manager to join our Security team. You will solve uniquely challenging problems for our Defense and Homeland Security customers. Help manage large volumes of critical, real-time information about issues from global to local.
Get s#it done.
This position requires an active US Top Secret security clearance, and the ability to hold a TS/SCI security clearance.
WHAT YOU WILL BE DOING
- Communicates within and outside of organization to explain and influence changes to policies, practices, or approaches.
- Makes significant improvements in processes, systems, or products. Establishes short-term operational plans with measurable contribution to function or business area results.
- Work consists of making significant improvements of processes, systems, solutions, or products to enhance performance of job area. May develop new concepts or standards. Opportunities for problem solving and innovation are undefined, where information is difficult to obtain.
- Conducts extensive investigation to understand the root cause of problems. Problems span a wide range of difficult and unique issues across the function and/or business area.
- Responsible for analyzing and/or administering security controls for information systems
- Safeguards the network against unauthorized infiltration, modification, destruction or disclosure
- Implements, enforces, communicates and develops security policies or plans for data, software applications, hardware, and telecommunications
- Provide details for developing Information System Security (ISS) Risk Management Framework (RMF) documentation (SSP, SAR, SAP, SCTM, POA&M, etc.) to support the Assessment & Authorization (A&A) of assigned systems
- Performs ISS controls assessments as part of the systems’ Continuous Monitoring PlanIdentifies system security controls shortcomings and annotates POA&M entries for deficient items, playing a vital role with remediating control deficiencies
- Assists with documenting annual ISS Self Assessments
WHAT YOU HAVE DONE
- Minimum 5 years of hands-on experience with Information Assurance/Cybersecurity architecture, requirements, determination, development, and implementation
- Candidate must have and be able to maintain an active U.S. Government security clearance at the Top Secret level with a background investigation date within 6 years, and be able to meet the special access eligibility requirements of DoDM 5205.07 Volume 2.
- Demonstrated knowledge and use of the following regulations: DOD Joint Special Access Program Implementation guide (JSIG), ICD 503 Regulations (Computer Security), Defense Counterintelligence and Security Agency Assessment and Authorization Process Manual (DAAPM), knowledge of "New" Risk Management Framework (RMF) processes.
- Experience with security features and/or vulnerability of various operating systems as defined by NSA, NIST, DISA (STIGs) and/or USCYBERCOM
- Experience with network and system security administration, including operating system security configuration and account management best practices for MS Windows and Linux
- Experience with Information Assurance (IA) related testing and assessment tools, e.g., Security Content Automation Protocol (SCAP), Security Technical Implementation Guide (STIG) Viewer, etc
- Experience with information security tool sets such as anti-virus, security information and event management (SIEM), and/or HIDS/ NIDS
- Self-starter requiring limited direction and supervision
- Hands on experience with eMASS, ACAS or NESSUS, Splunk, SCAP, POA&Ms, system security audits, and RMF security package development
- Experience implementing DoD and Federal Risk Management Framework, IA Certification and Accreditation Processes, IA controls and developing and maintaining associated certification and accreditation documentation
- Familiarization with one or more of the following: Defense Counterintelligence and Security Agency (DCSA) National Industrial Security Program Operations Manual (NISPOM), DoD Joint Special Access Program Implementation Guide for Risk Management Framework (JSIG RMF), Intelligence Community Directive 503 (ICD-503), or similar guidance
At RII, we believe that diversity in our workforce is critical to our success. We strive to hire great people from a wide variety of backgrounds, not just because it’s the right thing to do, but because it makes us stronger. We work to help your intellectual passions and creativity thrive. It’s one of our core values:
Let your geek flag fly.
We also offer all employees comprehensive benefits including: flexible work schedules, health insurance coverage, paid time off, 401k with a company match, paid parental leave, access to wellness programs and much more. You get this all from day one, and all paid for by RII.It’s all part of another of our core values:
Stay human.
It’s why our comfortable and colorful offices such as our headquarters, include a community game room, pantry, massage chair, and an escape room, among other amenities. It’s why we have community managers and regular community events.
Research Innovations, Inc. is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender, gender identity or expression, national origin, genetics, disability status, protected veteran status, age, or any other characteristic protected by state, federal or local law.#LI-BA1Apply for this job