Address
SalaryOverview
The Technology Practice Area within RTI’s Social, Statistical, and Environmental Sciences (SSES) unit is seeking a Senior Research Information Security Compliance Specialist. The candidate will be responsible for supporting the IT Security and Compliance Program; document, write, edit, and consult on IT security and documentation under the direction of a Project Director, task leader, or manager. They will also perform risk assessments, gap analysis and overall security controls guidance for security standards including National Institute of Standards and Technology (NIST 800-53) and other security frameworks. They will also perform Plan of Action and Milestone (POAM) activities to track remediation efforts, complete security risk tracking and reporting, and response. This position can be based at our headquarters in RTP, North Carolina or remotely.
Responsibilities
Qualifications
#LI-KV1
EEO & Pay Equity Statements
For San Francisco, CA USA Job Postings Only: Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. Further information is available here.
The anticipated pay range for this role is listed below. Our pay ranges represent national averages and may vary by location as a geographic differential may be applied to some locations within the United States.
RTI considers multiple factors when making an offer including, for example: established salary range, internal budget, business needs, and education and years of work experience possessed by the applicant. Further, salary is merely one element to our offer.
At RTI, we demonstrate our commitment to rewarding individual and team achievement through a total rewards package. This package includes (among other things) a competitive base salary, a generous paid time off policy, merit based annual increases, bonus opportunities and a robust recognition program. Other benefits include a competitive range of insurance plans (including health, dental, life, and short-term and long-term disability), access to a retirement savings program such as a 401(k) plan, paid parental leave for all parents, financial assistance with adoption expenses or infertility treatments, financial reimbursement for education and developmental opportunities, an employee assistance program, and numerous other offerings to support a healthy work-life balance.
Equal Pay Act Minimum/Range
$146,000 - $180,000
RTI International is one of the world's leading research institutes, dedicated to improving the human condition by turning knowledge into practice. Our staff of more than 5,000 provides research and technical services to governments and businesses in more than 75 countries in the areas of health and pharmaceuticals, education and training, surveys and statistics, advanced technology, international development, economic and social policy, energy and the environment, and laboratory testing and chemical analysis.
The Technology Practice Area within RTI’s Social, Statistical, and Environmental Sciences (SSES) unit is seeking a Senior Research Information Security Compliance Specialist. The candidate will be responsible for supporting the IT Security and Compliance Program; document, write, edit, and consult on IT security and documentation under the direction of a Project Director, task leader, or manager. They will also perform risk assessments, gap analysis and overall security controls guidance for security standards including National Institute of Standards and Technology (NIST 800-53) and other security frameworks. They will also perform Plan of Action and Milestone (POAM) activities to track remediation efforts, complete security risk tracking and reporting, and response. This position can be based at our headquarters in RTP, North Carolina or remotely.
Responsibilities
- Lead and assist project teams with ensuring compliance of computer systems with RTI, Federal, and other relevant security standards.
- Serve as RTI’s Information System Security Officer (ISSO) for assigned projects.
- Serve as Security Compliance subject matter expert and provide guidance to project stakeholders.
- Manage information for security assessments leading to initial Authority to Operate (ATO) for systems and maintenance of ATOs while following FISMA, FIPS, NIST and client guidelines and requirements.
- Write, maintain, and ensure implementation of security documentation, including System Security Plans (SSPs), Privacy Impact Assessments (PIAs), Contingency Plans, Incident Response Plans, and other documents.
- Direct and review vulnerability scans on systems to manage project actions, track remediation efforts and reporting to the client through use of Plans of Action and Milestones (POA&Ms).
- Contribute to System Development Life Cycle (SDLC) documents based on Federal guidelines.
- Support internal and external security audits.
- Manage controlled project documentation in document repositories.
- Develop improvements to existing security procedures and provide communication and awareness to project teams and clients.
- Support system implementation processes by reviewing designs and changes for security implications.
- Work across business units and be proficient in managing multiple workstreams at the same time.
- Operate as the subject matter expert and point person for all IT security related items.
- Review and respond to client security inquiries for projects, which may include Common Vulnerabilities and Exposures (CVEs), Known Exploited Vulnerabilities (KEVs) or Indicator of Compromise (IOC).
- Author sections related to security and systems in Request For Information (RFI) and Request For Proposal (RFP).
- Author and contribute to published articles in technology journals and contribute to presentations at technical conferences.
Qualifications
- Minimum of Bachelor’s degree in Information Security, or Computer Science, or any other related discipline and 12 years of related experience or equivalent combination of education and experience. This includes a Master’s degree and 10 years of experience or a PhD and 6 year of experience.
- Six (6) years of experience in information technology and/or cybersecurity, some of which shall have been in a lead capacity in Information Security or a related field.
- Must have one or more Security certifications earned (or in progress). Desirable certifications include CISM, CISA, CISSP, CRISC, CDPSE, CISSO, GCIA, GCIH, CEH.
- Knowledge of and experience with writing, editing, and consulting on IT security & documentation.
- Prior experience with Federal clients a huge plus.
- Knowledge of and experience with current technologies; software, hardware, and database management systems.
- Experience with federal Information Security requirements and frameworks (NIST, FISMA, FIPS).
- Experience with threat and vulnerability management, penetration testing, vulnerability assessments, and vulnerability mitigation
- Knowledge of applicable federal privacy laws and regulations.
- Strong technical writing experience.
- Ability to travel as required.
- Ability to obtain proper security clearances as required by project contracts.
- Applicants must be legally authorized to work in the United States and should not require now, or in the future, sponsorship for employment visa status.
#LI-KV1
EEO & Pay Equity Statements
For San Francisco, CA USA Job Postings Only: Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. Further information is available here.
The anticipated pay range for this role is listed below. Our pay ranges represent national averages and may vary by location as a geographic differential may be applied to some locations within the United States.
RTI considers multiple factors when making an offer including, for example: established salary range, internal budget, business needs, and education and years of work experience possessed by the applicant. Further, salary is merely one element to our offer.
At RTI, we demonstrate our commitment to rewarding individual and team achievement through a total rewards package. This package includes (among other things) a competitive base salary, a generous paid time off policy, merit based annual increases, bonus opportunities and a robust recognition program. Other benefits include a competitive range of insurance plans (including health, dental, life, and short-term and long-term disability), access to a retirement savings program such as a 401(k) plan, paid parental leave for all parents, financial assistance with adoption expenses or infertility treatments, financial reimbursement for education and developmental opportunities, an employee assistance program, and numerous other offerings to support a healthy work-life balance.
Equal Pay Act Minimum/Range
$146,000 - $180,000
As a global employer of choice, RTI is committed to equity, diversity, inclusion and belonging in the workplace and the communities and markets where we serve our mission. We value diversity of thought, culture, background and perspective and welcome applicants without regard to race, color, religion, sex, age, marital status, sexual orientation, gender identity, national origin, creed, citizenship status, disability, protected veteran status, or any other classification protected by applicable discrimination laws or RTI policy.
We are proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law.
Click here. to view the EEOC Know Your Rights Poster.
We are proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law.
Click here. to view the EEOC Know Your Rights Poster.
