Information Systems Security Engineer
Apply NowCompany: Riverside Research Institute
Location: Greenville, TX 75401
Description:
Riverside Overview
Riverside Research is an independent National Security Nonprofit dedicated to research and development in the national interest. We provide high-end technical services, research and development, and prototype solutions to some of the country's most challenging technical problems.
All Riverside Research opportunities require U.S. Citizenship.
Position Overview
The primary purpose of this position is to ensure the supported FMS assigned aircraft and ground information systems (IS) attains and maintains proper security authorization, items delivered to the Government are in the approved formats and configurations, all Risk Management Framework (RMF) documentation and procedures are adequately managed and coordinated with external agencies, ensure procedures at CONUS/OCONUS operating locations meet and maintain appropriate security requirements according to applicable directives and guidance. Lead member of the FMS Security Working. Interfaces with Authorizing Officials (AO), mission system Information System Security Officer(s) (ISSO) and Contractor System Administrators (CSA). Supports quick reactions capabilities (QRC) and emerging technology testing. Provides support to other in-resident airborne or ground system projects as FMS workload allows.
Responsibilities
Responsible for physical and operations security policy and issues, manages assigned program areas, and implements force protection policy, projects, and studies for the protection of US personnel and assets
Implements the program protection planning activities for supported Security Assistance/Cooperation Programs, their facilities, and weapon systems at contractor and foreign government locations ensuring that all elements of protection comply with legal and regulatory requirements and meet customer needs throughout the program
Reviews Letters of Offer and Acceptance (LOA) to ensure proper Program Protection requirements are identified to notify partner nations of measures that must be taken to properly protect critical program information and technology
Ensure and support FMS RMF assessment/authorization (A&A) implementation and execution
Support the PM/System Owner and provide direction to mission system ISSO(s) and CSAs
Track, report and coordinate A&A status and issues with the PM/System Owner and AO/DAO.
Serves as the primary interface between Authorizing Officials, Assessment representatives, industry partners, and program protection personnel
Prepares and coordinates for assessments, acceptance/certification testing, QRC, and ad hoc testing
Develops Plans of Actions and Milestones (POA&M) for non-compliance
Enforces established information security policies and procedures
Monitor development of the system, information environment, and threats for security-relevant events and configuration changes that affect security posture
Develop and submit Security Impact Assessments (SIA) for proposed changes as required
Periodically assesses the quality of security controls implementation against performance indicators as documented in the program Continuous Monitoring Plan
Ensure that cybersecurity inputs to program acquisition documents (if required) are prepared
Ensure that the program's contractual documents, such as specifications, statements of work, or Contract Data Requirements Lists (CDRLs) incorporate appropriate cybersecurity language and requirements.
Ensure that security controls and requirements are properly allocated and documented in design specifications, technical publications and manuals, etc.
Ensure that security controls and requirements have been communicated and appropriately resourced by program budget documents and are reflected in the program's requirements database
Ensure that integrated logistics support documentation incorporate cybersecurity considerations throughout the lifecycle of the system.
Oversees planning, implementation and continuous monitoring to achieve and maintain Authority to Operate (ATO) and Interim Authority to Test (IATT)
Ensures facilities constructed for secure storage of U.S. classified information and systems meet or exceed required physical security standards. Conducts on-site security assessment at foreign government installation to ensure program protection compliance.
Anti-Tamper (AT) measures may be applied to the program. Incumbent must properly employ AT to add longevity to the critical technology by deterring efforts to reverse engineer, exploit, or develop countermeasures against a system or system component. AT will be part of the Program Protection process and included in the Program Protection Plan.
Qualifications
Required:
minimum of 5 years of related experience with a Bachelor's degree, 3 years with a Master's degree - a PhD without experience, or equivalent work experience is typically required for an employee at this level.
Possess and maintain a current Top Secret Security Clearance and CI Polygraph
Meet and maintain DoD 8140 IAM Level II certification or obtain certification one (1) year from hire
3 years of cyber surety/information assurance technology or related area
Experience with networks, and computer administration management
Experience with the RMF process and control management within assigned tools such as XACTA, eMASS
Familiarity with NIST publications, DISA STIGS, and SRGs
Proficiency with Microsoft operating systems and Office products
Proven leadership in problem solving, effective communication and decision making
Able to provide clear direction and relate effectively with leadership and across services and agencies
Ability to travel worldwide
Global Comp
$91,000 - $125,000 This represents the typical compensation range for this position based on experience, location and other factors.
Closing Statement
Riverside Research Institute is a not-for-profit, technology-oriented defense company, where service to our customers and support of our staff is our overall mission. Riverside is an affirmative action-equal opportunity employer and complies with all applicable federal, state, and local laws regarding recruitment and hiring. Riverside offers comprehensive compensation and benefit packages to our employees.
Riverside bases its employment decisions solely on technical experience, qualifications and other job-related criteria related to our organizational purpose as a not-for-profit company, and without regard to race, color, religion, age, sex marital status, sexual orientation, national origin, physical or mental disability, veteran's status or any other status legally protected by applicable federal, state, and local law.
Riverside Research is an independent National Security Nonprofit dedicated to research and development in the national interest. We provide high-end technical services, research and development, and prototype solutions to some of the country's most challenging technical problems.
All Riverside Research opportunities require U.S. Citizenship.
Position Overview
The primary purpose of this position is to ensure the supported FMS assigned aircraft and ground information systems (IS) attains and maintains proper security authorization, items delivered to the Government are in the approved formats and configurations, all Risk Management Framework (RMF) documentation and procedures are adequately managed and coordinated with external agencies, ensure procedures at CONUS/OCONUS operating locations meet and maintain appropriate security requirements according to applicable directives and guidance. Lead member of the FMS Security Working. Interfaces with Authorizing Officials (AO), mission system Information System Security Officer(s) (ISSO) and Contractor System Administrators (CSA). Supports quick reactions capabilities (QRC) and emerging technology testing. Provides support to other in-resident airborne or ground system projects as FMS workload allows.
Responsibilities
Responsible for physical and operations security policy and issues, manages assigned program areas, and implements force protection policy, projects, and studies for the protection of US personnel and assets
Implements the program protection planning activities for supported Security Assistance/Cooperation Programs, their facilities, and weapon systems at contractor and foreign government locations ensuring that all elements of protection comply with legal and regulatory requirements and meet customer needs throughout the program
Reviews Letters of Offer and Acceptance (LOA) to ensure proper Program Protection requirements are identified to notify partner nations of measures that must be taken to properly protect critical program information and technology
Ensure and support FMS RMF assessment/authorization (A&A) implementation and execution
Support the PM/System Owner and provide direction to mission system ISSO(s) and CSAs
Track, report and coordinate A&A status and issues with the PM/System Owner and AO/DAO.
Serves as the primary interface between Authorizing Officials, Assessment representatives, industry partners, and program protection personnel
Prepares and coordinates for assessments, acceptance/certification testing, QRC, and ad hoc testing
Develops Plans of Actions and Milestones (POA&M) for non-compliance
Enforces established information security policies and procedures
Monitor development of the system, information environment, and threats for security-relevant events and configuration changes that affect security posture
Develop and submit Security Impact Assessments (SIA) for proposed changes as required
Periodically assesses the quality of security controls implementation against performance indicators as documented in the program Continuous Monitoring Plan
Ensure that cybersecurity inputs to program acquisition documents (if required) are prepared
Ensure that the program's contractual documents, such as specifications, statements of work, or Contract Data Requirements Lists (CDRLs) incorporate appropriate cybersecurity language and requirements.
Ensure that security controls and requirements are properly allocated and documented in design specifications, technical publications and manuals, etc.
Ensure that security controls and requirements have been communicated and appropriately resourced by program budget documents and are reflected in the program's requirements database
Ensure that integrated logistics support documentation incorporate cybersecurity considerations throughout the lifecycle of the system.
Oversees planning, implementation and continuous monitoring to achieve and maintain Authority to Operate (ATO) and Interim Authority to Test (IATT)
Ensures facilities constructed for secure storage of U.S. classified information and systems meet or exceed required physical security standards. Conducts on-site security assessment at foreign government installation to ensure program protection compliance.
Anti-Tamper (AT) measures may be applied to the program. Incumbent must properly employ AT to add longevity to the critical technology by deterring efforts to reverse engineer, exploit, or develop countermeasures against a system or system component. AT will be part of the Program Protection process and included in the Program Protection Plan.
Qualifications
Required:
minimum of 5 years of related experience with a Bachelor's degree, 3 years with a Master's degree - a PhD without experience, or equivalent work experience is typically required for an employee at this level.
Possess and maintain a current Top Secret Security Clearance and CI Polygraph
Meet and maintain DoD 8140 IAM Level II certification or obtain certification one (1) year from hire
3 years of cyber surety/information assurance technology or related area
Experience with networks, and computer administration management
Experience with the RMF process and control management within assigned tools such as XACTA, eMASS
Familiarity with NIST publications, DISA STIGS, and SRGs
Proficiency with Microsoft operating systems and Office products
Proven leadership in problem solving, effective communication and decision making
Able to provide clear direction and relate effectively with leadership and across services and agencies
Ability to travel worldwide
Global Comp
$91,000 - $125,000 This represents the typical compensation range for this position based on experience, location and other factors.
Closing Statement
Riverside Research Institute is a not-for-profit, technology-oriented defense company, where service to our customers and support of our staff is our overall mission. Riverside is an affirmative action-equal opportunity employer and complies with all applicable federal, state, and local laws regarding recruitment and hiring. Riverside offers comprehensive compensation and benefit packages to our employees.
Riverside bases its employment decisions solely on technical experience, qualifications and other job-related criteria related to our organizational purpose as a not-for-profit company, and without regard to race, color, religion, age, sex marital status, sexual orientation, national origin, physical or mental disability, veteran's status or any other status legally protected by applicable federal, state, and local law.