RIVA Solutions Inc. Careers

Description

• Engineer security solutions for endpoint hardware, software, and services in compliance with NIST SP 800-53, 800-207 (Zero Trust), FedRAMP, DISA STIGs, and FIPS standards.
• Analyze and refresh government-furnished security systems and assets.
• Conduct reviews of network configurations and firewall rules; deliver recommendations for security improvements.
• Safeguard Personally Identifiable Information (PII) per NIST SP 800-122.
• Ensure SIEM log forwarding and support audit requirements.

• Track and assess CVE/KEV threats from CISA.
• Deliver technical and executive reports on vulnerabilities, remediation plans, and risk ratings.
• Monitor and ensure compliance with CISA Binding Operational Directives (BODs).
• Present findings and mitigation strategies to stakeholders.

• Support a variety of endpoint devices including desktops, laptops, tablets, and mobile phones.
• Design endpoint engineering plans, integration procedures, and compliance tests.
• Maintain SOPs, system security documentation, and support SSPs, POA&Ms, and penetration test reports.
• Mitigate high-risk vulnerabilities within 30 days and moderate-risk vulnerabilities within 90 days.
• Collaborate with HHS OIG teams to respond to incidents and escalations.

• Security Operations

• Manage vulnerability scanning and remediation using Tenable.
• Review and press engineering teams to patch vulnerabilities or document risk acceptance where mitigation is not feasible.
• Work with Global NOC security tools, including attack surface management and port exposure monitoring, ensuring only approved ports/protocols are accessible.
• Support detection of undocumented network nodes (approx. 1,500 devices), validating discoveries and coordinating with engineers to correct documentation gaps.
• Interface with the NOAA Cybersecurity Team to respond to advisories from CISA and SOC-reported threats.

• Network and Infrastructure Support

• Provide triage and incident direction across NOAA and Department of Commerce networks, identifying offending customers/systems (e.g., malware, command & control, compromised endpoints).
• Operate and maintain VPN infrastructure and enterprise wireless services.
• Apply strong foundational knowledge of IP addressing, NAT, and DNS to daily operations.

• Collaboration and Systems Interaction

• Work closely with Global NOC engineers to resolve vulnerabilities, discrepancies, and security incidents.
• Engage with compliance and operations security personnel, supporting the broader IT security posture.
• Leverage well-documented workflows and group resources for knowledge sharing and troubleshooting.

• Tools and Technology

• Tenable is the primary tool for vulnerability management; JAMF is in use but dedicated staff handle endpoint management.
• Most other security and monitoring capabilities rely on custom Global NOC software.
• Limited reliance on BigFix; must be flexible in adapting to NOAA-specific toolsets.

• Bachelor’s degree in Information Systems, Computer Science, Engineering, or related field (or equivalent experience).
• 8+ years in IT security engineering, endpoint security, vulnerability management, and C&A processes.
• Deep familiarity with federal IT security frameworks and compliance standards including:
• NIST SP 800 series (800-53, 800-122, 800-207, etc.)
• FedRAMP
• FISMA
• FIPS 140-2/201-2
• CISA Binding Operational Directives (BODs)
• Demonstrated experience in endpoint security design, CVE/KEV vulnerability tracking, and SIEM integration.
• Strong technical writing and presentation skills, particularly for executive audiences.

• Master’s degree in Cybersecurity or related field.
• Industry certifications such as CISSP, CISM, CISA, CEH, Security+.
• Experience supporting cybersecurity efforts within HHS, DoD, or other federal agencies.
• Proficiency in Zero Trust Architecture, EDR, and vulnerability management platforms.

• Health, Dental, and Vision Coverage
• Life Insurance
• Retirement Benefits / 401K with Company Match
• HSA/FSA Spending Accounts
• Long- and Short-Term Disability
• Pet Insurance
• Wellness Program Initiatives
• RIVA Flex
• Additional Workplace Benefits