Position Summary: Ensure the appropriate operational security posture for the Specific Manufacturing Capability (SMC) Information System (IS) is maintained to include ensuring implementation of DoW and SMC Site cybersecurity policies, practices, and procedures. Work with IS owners and the IS Information System Security Manager (ISSM) and serve as advisor on all matters, technical and otherwise, involving security of the IS.

Essential Job Functions and Responsibilities: (Knowledge, skills, and behaviors required for this position.)
- Conduct audits of SMC IS to ensure compliance with Joint Special Access Program (SAP) Implementation Guide (JSIG) and DoW Cybersecurity Service Provider (CSSP) requirements.
- Lead and direct the development of IS accreditation packages (i.e., system security plan, security control assessment, risk assessment, etc.) in accordance with federal directives and the Risk Management Framework (RMF).
- Report all security-related incidents to the ISSM.
- Integrate applicable IS requirements, controls, and processes into design specifications in accordance with DoW established standards, policies, procedures, guidelines, directives, and regulations and laws (statutes).
- Act as the subject matter expert (SME) in the security of basic network and telecommunications services/data (e.g., perimeter defense strategies, defense-in-depth strategies, and data encryption techniques). Understand the policies, procedures, and controls required to protect network and telecommunication services and assess technical, operational, and administrative security controls as mandated by RMF standards.
- Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the change.
- Ensure audit records are collected, reviewed, and documented (to include any anomalies).
- Ensure all IS security-related documentation is current and accessible to properly authorized individuals.
- Lead others in maintaining change control, ensuring configuration management of the IS to protect the system and data in accordance with technical, operational, and administrative security control requirements.
- Perform a variety of data collection, analysis, reporting and briefing activities associated with security operations and maintenance to ensure that the organizational security policies are implemented and maintained on the IS.
- Verify cybersecurity awareness training and requirements are current for IS users based on identified needs and organizational policies and within organizational time frames. Develop IS training material as needed to support end-user training requirements.
- Coordinate with the appropriate management and security offices to ensure IS users have the required security clearances and need-to-know authorizations before accessing information systems. Collect and track required documentation for IS user accounts.
- Identify, categorize, investigate, isolate, assess, and report IS cybersecurity incidents in coordination with other organizations. Coordinate with the appropriate security offices to ensure that physical controls are implemented as required.
- Participate in the creation, review, and assessment of policies and procedures supporting the secure use and operation of SMC information systems that includes, but is not limited to, system security plans, vulnerability management, risk management, configuration management, change management, and others.
- Promote awareness of cyber policy and strategy as appropriate among management and ensure sound principles are reflected in the organization's mission, vision, and goals.
- Assist the ISSM in meeting their duties and responsibilities. The ISSO shall assume ISSM responsibilities in the absence of the ISSM.
- Attend required technical and security training (e.g., operating system, networking, security management) relative to assigned duties.
- Maintain required IA certifications.
- Other duties as assigned.
Education, Credentials, and Work Experience: Required
- Level 4 - Bachelor's and 9 years of experience. Master's and 6 years of experience. PhD and 4 years of experience.
- Relevant experience commensurate with level.
- DoD 8570/8140 IAM Level II certification. IAM Level II certifications include CISSP, CAP, CISM, and GSLC. CISSP or CISM preferred. If the candidate has relevant experience commensurate with level, IAM Level II may be obtained within 6 months of hire.
- Working experience with NIST 800-53, CNSS 1253, FISMA, and/or JSIG Rev 4.
- Strong analytical and problem-solving skills.
- Must be a US Citizen and hold an active DOE "Q" clearance (or DOD/DOJ equivalent).
Physical Requirements: While performing the duties of this classification, the employee is frequently required to stand, walk, sit, stoop, kneel, bend, use hands to handle materials, manipulate tools, keyboard and type, reach with hands and arms, and operate job-related equipment. The employee must occasionally lift and/or move up to 30 pounds. Sufficient visual acuity and hearing capacity to perform the essential functions and interact with people is required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Working Conditions: The work environment is an office environment which may include stairs. The noise level is generally moderate; however, the employee may be exposed to loud noises on occasion. Position requires working more than 8 hours/day, irregular hours, and working alone. The above statements are intended to describe the general nature and levels of work being performed by people assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified.

Security and Privacy Language: This position includes information security and privacy responsibilities as defined by NIST SP 800-53, OMB Circular A-130, and DOE Order 206.1A. Position must complete initial and annual role-specific training as required. The incumbent must sign and comply with all required access agreements prior to being granted access to organizational systems or data. Comply with all applicable information security and privacy policies and procedures by following established protocols, with an understanding that non-compliance may result in sanctions.

Benefits and Relocation:
- Medical, Dental, Vision, and Flexible Spending Accounts
- 401(k) with a 4.2% employer contribution and up to 4.8% match (regular positions) or self-contribute access (postdoctoral positions)
- Paid time off (personal leave)
- Employee Education Program (tuition assistance for eligible positions)
- Comprehensive Relocation Package
- Benefit eligibility subject to multiple factors, including employment status and position classification.
At this time, BEA will not sponsor any H1-B visas obtained outside of the United States of America (U.S.A.), including consular visas.

INL is a science-based, applied engineering national laboratory dedicated to supporting the U.S. Department of Energy's mission in nuclear energy research, science, and national defense. With more than 6,300 scientists, researchers, and support staff, the laboratory works with national and international governments, universities and industry partners to change the world's energy future and secure our nation's critical infrastructure.

INL Mission: Our mission is to discover, demonstrate and secure innovative nuclear energy solutions, other clean energy options and critical infrastructure.

INL Vision: Our vision is to change the world's energy future and secure our nation's critical infrastructure.

Selective Service Requirements: To be eligible for employment at INL, males born after December 31, 1959 must have registered with the Selective Service System (SSS). For more information see www.sss.gov.

Equal Employment Opportunity: Idaho National Laboratory (INL) is an Equal Employment Opportunity (EEO) employer. It is the policy of INL to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.

Reasonable Accommodation: We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Other Information: When applying to positions, please provide a resume and answer all questions on the following screens. Applicants who fail to provide a resume or answer the questions may be deemed ineligible for consideration.

INL does not accept unsolicited resumes from third-party vendors.