Cyber Security Policy Analyst
Company: Battelle Energy Alliance
Location: Idaho Falls
Posted on: March 8, 2019
Job Title: Cyber Security Policy Analyst
Grade: 190/200 Org: Information Assurance
Contact: Pam Staples, Pamela.Staples@inl.gov
Work Location: Idaho Falls, ID (Town, 9x80 work schedule)
*****THIS IS A MULTI-LEVEL POSTING*****
Empowering the Nation's Energy Future
MISSION: Discover, demonstrate and secure innovative nuclear energy solutions, other clean energy options and critical infrastructure.
VISION: INL will change the world's energy future and secure our critical infrastructure.
Idaho National Laboratory (INL) is seeking a Cyber Security Policy Analyst to join the Information Assurance Team.
Functions for this position are:
1. Leads and participates in activities that provide policy and governance for the Idaho National Laboratory Cyber Security Program. Leads and participates in the creation, review, and technical assessment of all policies and procedures supporting the security for computing systems that include but are not limited to System Security Plans, Vulnerability Management, Risk Management, Configuration Management, Change Management, and others. This position provides knowledge and expertise in government regulatory processes and documentation, including but not limited to U.S. Department of Energy (DOE)'s Risk Management Approach (RMA), National Institute of Standards and Technology (NIST) standards, and DOE Idaho Operations Office policies and procedures.
2. From a technical perspective, leads internal and external assessments/audits of INL's Information Technology, Managed Services, Software as a Service, and all other services. Is responsible for the assessment of the system security protection measures and documentation for applicable systems. Makes recommendations for improvements in cyber security controls. Performs oversight surveys and assessments of INL computing systems, networks, and services to ensure mandated controls have been implemented as required by Federal regulations. Develops advanced concepts and techniques in the cyber security assessment program.
3. Performance, development and implementation of unclassified cyber security program consistent with NIST guidance. Must be highly flexible in work assignments to allow for continual changes in work direction. Assists in all cyber security efforts including continuous monitoring, reporting, participation on project teams, incident management, and supporting the Information System Security Manager (ISSM). Manages complex tasks and assignments working independently.
4. Provides direction for cloud services, mobile connectivity, and SaaS activities. This position works closely with the mission organizations to provide guidance, training and tools necessary for protecting INL. Emphasis will be placed upon protecting the Intellectual Property (IP) and reputation of the laboratory.
5. Performs technical reviews, review scans, and helps lead the organization forward. Responsible for ensuring that the cyber security strategic direction is successfully implemented.
Minimum Qualification Requirements (Education and/or Experience):
Bachelors degree plus 2 years relevant experience or a Masters degree and 1 year of relevant experience or 10 years related experience in lieu of a degree.
Degree Preferred. Must be able to obtain and maintain a DOE L security clearance.
Strong analytical and problem solving skills
Must have a desire for achieving excellence in customer satisfaction, process and product quality and reliability
Must have experience in working with distributed team members
Must be extremely detail-oriented with respect to documentation and communication
Strong communication and interpersonal/team skills
Strong presentation skills
Ability to prepare and maintain policies and procedures with an emphasis on cyber security controls per the DOEs Risk Management Approach
Ability to accomplish audit of information systems with an emphasis on cyber security controls per the DOEs Risk Management Approach
Technical proficiency in developing cyber security policies and procedures
Initiative Anticipates areas needing assistance. Proposes solutions and/or improvements
Strong computer skills, including MS Word, Excel, and PowerPoint Desired Attributes
Certified by a professional organization as an instructional specialist is desired
Knowledge of Federal Cyber Security regulatory requirements pertinent to DOE is desired
Special Requirements and/or Training:
Must be knowledgeable of the U.S. Department of Energy (DOE) Cyber Security controls and requirements and Department of Defense (DOD) Security Technical Implementation Guides. The Information Technology (IT) field and specifically the Cyber Security discipline are rapidly changing environments. The employee is required to obtain specialized training and certification in IT and Cyber Security disciplines. The specific training and certification will vary based upon current technologies and threat conditions. Examples of the training and certification are Certified Information System Security Professional (CISSP), and SANS Global Information Assurance Certification (GIAC).
SELECTIVE SERVICE REQUIREMENTS
To be eligible for employment at INL males born after December 31, 1959 must have registered with the Selective Service System (SSS). This includes U.S. born and naturalized citizens, parolees, undocumented immigrants, legal permanent residents, asylum seekers, refugees, and all males with visas of any kind which expired more than 30 days ago. The few individuals who are exempt from this requirement are those on current non-immigrant visas. For more information see www.sss.gov.
EMPLOYEE JOB FUNCTIONS
Employee Job Functions are physical actions and/or working conditions associated with the position. These functions may also constitute essential functions for the job position which the employee must be able to fulfill, with or without accommodation. Information provided below is to help describe the job so that the applicant has a reasonable understanding of the job duties/expectations. An applicant's ability to perform and/or tolerate these actions and conditions will be discussed and workplace accommodations may be made on a case-by-case basis following an individualized assessment of the applicant and other considerations, including but not limited to any governing safety standards.
MOTOR ABILITIES: Repetitive work.
SPECIAL SENSES: Visually demanding work, Near vision.
WORK CONDITIONS: Typing/keyboard.
CERTIFICATION EXAM(S): Testing Designated Position (TDP).
PLEASE APPLY BEFORE:
April 15, 2019 (midnight, MST)
ENVIRONMENTAL, SAFETY AND HEALTH STATEMENT
Must be familiar with, and comply with all relevant health and safety requirements. Must be knowledgeable of emergency action policies and procedures, methods for reporting/resolving work practices or conditions to available cognizant professionals.
When applying to positions please provide a resume and answer all questions on the following screens. Applicants, who fail to provide a resume or answer the questions, may be deemed ineligible for consideration.
Idaho National Laboratory (INL) is an Equal Employment Opportunity (EEO) employer. It is the policy of INL to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.
Keywords: Battelle Energy Alliance, Idaho Falls , Cyber Security Policy Analyst, Professions , Idaho Falls, Idaho
Didn't find what you're looking for? Search again!