Senior Information Systems Security Officer (ISSO)
- Full-time
Company Description
We're a tech company that was first on the ground in the fight against Ubiquitous Technical Surveillance. We help our government and enterprise customers solve a big problem they sometimes don't even know they have. To become leaders in this space, we've relied heavily on curiosity, creativity, and flexibility. We iterate until we get things right and innovate to get there faster.
But enough about us. What's in it for you?
We work hard and do fun things.
Apart from a constantly growing list of fascinating challenges to solve, Ridgeline offers a solid work-life balance, flexible remote work options, and a culture that values teamwork over competition. At Ridgeline, you will work with the most talented software developers, systems engineers, and subject matter experts to change how big enterprises and the U.S. Government manage their digital signatures.
Job Description
The Senior Information Systems Security Officer (ISSO) will assist the Chief Information Security Officer (CISO) in the management of program and system accreditation, including guiding the processes for obtaining initial Authorization to Operate (ATO) approval and periodic renewals as necessary.
What you will do:
As a Senior ISSO, you are primarily responsible for the Assessment and Authorization (A&A) process, establishing and maintaining compliance with relevant regulations, standards, and contract requirements related to the US federal government Risk Management Framework (RMF).
As part of managing the company’s RMF/A&A process, you are expected to draft and update documents in support of security authorization packages, including System Security Plans (SSPs), Risk Assessment Reports, Security Assessment Plans and Reports, Contingency Plans, Incident Response Plans, Standard Operating Procedures, Plans of Action and Milestones (POA&M), Remediation Plans, Configuration Management Plans, etc.
- Lead security authorization activities in compliance with RMF, e.g., NIST, for multiple US federal government programs
- Develop and update security authorization packages in accordance with US federal government requirements
- Coordinate assessment and approval activities with US federal government representatives and Ridgeline personnel
- Validate and verify system security requirements definitions and analysis and establish system security designs
- Design and develop system security plans to include information security controls at the networking, computing, and enclave levels for multiple programs, including those with multiple enclaves and differing data protection/classification requirements
- Assist systems architects, engineers, and developers in the identification and implementation of appropriate information security functionality to ensure uniform application of security policy and enterprise solutions
- Assess and mitigate system security threats/risks throughout the program life cycle and work with the Systems Administration or Engineering teams to mitigate the risks
- Oversee continuous monitoring efforts and other program compliance activities
- Communicate and collaborate with technical and non-technical stakeholders to gather, clarify, prioritize, and validate requirements
- Ensure that system change requests are aligned with business needs and technical feasibility and have no impact on the security posture
What you will accomplish in the first six months
- Develop a plan for ongoing maintenance and tracking of ATO status and compliance for existing programs
- Finalize ATO approvals for two in-process program authorizations
- Lead and manage all ATO activities in existing programs
Qualifications
Must Haves:
- Top Secret SCI security clearance with Poly
- Bachelor’s Degree in a technical field or comparable relevant experience
- Strong IT knowledge of hardware, software, and networks
- Experience accrediting systems through the US federal government RMF/A&A process
- Must be familiar with NIST SP 800-171 (CMMC) and other relevant cybersecurity standards, regulations, and deliverables
- Must have the ability to work in a dynamic environment and effectively interact with numerous US federal government agencies, industry partners, and trusted vendors
- Certified at IAT Level II or IAM Level II or higher under DoDD 8140
- Self-starter who can work independently and as a part of a team
Nice to Haves:
- At least one of the following certifications is highly preferred: CISSP, CISM, CISA
Additional Information
Here are some perks of being a Ridgeliner!
- Flexible PTO + holidays
- Generous 401k match benefit up to 10%, with an automatic 3% safe harbor contribution and additional matching based on employee contributions.
- Medical (HSA & PPO Plans Available), dental, vision, disability, and life insurance
- Employer Contribution to Health Savings Account (HSA)
- Learning & Development opportunities
- Professional coaching services
- Get the technology you want to do your job
- We have free daily snacks & drinks
Physical Requirements:
- Must be able to remain in a stationary position 50% of the time. The person in this position needs to occasionally move about inside the office.
- Constantly work with computers and other office productivity equipment
Ridgeline is committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, veteran status, or any other characteristic protected by law. We are proud to be an equal opportunity workplace.
If you require a reasonable accommodation to apply for a position with Ridgeline International through its online applicant system, please contact Ridgeline's Talent Management Department at (703) 544-2424 or contact us through e-mail at [email protected]