Cyber Security Policy Analyst
Company: Battelle Energy Alliance
Location: Idaho Falls
Posted on: June 15, 2019
Job Title: Cyber Security Policy Analyst
Grade: 200/220 Org: Information Assurance
Contact: Pam Staples, Pamela.Staples@inl.gov
Work Location: Idaho Falls, ID (Town, 9x80 schedule)
Empowering the Nation's Energy Future
MISSION: Discover, demonstrate and secure innovative nuclear energy
solutions, other clean energy options and critical
VISION: INL will change the world's energy future and secure our
Idaho National Laboratory (INL) is seeking a Cyber Security Policy
Analyst to join the Information Assurance Team.
1. Leads and participates in activities that provide policy and
governance for the Idaho National Laboratory Cyber Security
Program. Leads and participates in the creation, review, and
assessment of policies and procedures supporting the security for
computing systems that include but are not limited to System
Security Plans, Vulnerability Management, Risk Management,
Configuration Management, Change Management, and others.
2. Provides knowledge and expertise in government regulatory
processes and documentation, including but not limited to U.S.
Department of Energy (DOE)'s Risk Management Approach (RMA),
National Institute of Standards and Technology (NIST) standards,
and DOE Idaho Operations Office policies and procedures.
3. Supports Cyber Security program automation by designing,
implementing, and maintaining automated workflow tools, program
dashboards, and report builders using web scripting languages.
Integrates software tools into a suite of applications to provide
timely, comprehensive, and continuous information for auditing,
reporting, and compliance purposes.
4. Provides direction and support for a system's information
assurance program through security authorization activities in
compliance with INL's risk management framework. Responsible for
ensuring the appropriate operational security posture for the INL
information systems is maintained to include ensuring
implementation of DOE and INL Site cyber security policies,
practices, and procedures. Works in collaboration with system owner
and INL's Cyber Security ISSM. Serves as an advisor on all matters,
technical and otherwise, involving security of assigned information
5. Leads internal and external assessments/audits of INL's
Information Technology, Managed Services, Cloud Services, and other
services as required. Is responsible for the assessment of the
system security protection measures and documentation for
applicable systems. Makes and implements recommendations for
improvements in cyber security controls.
6. Must be highly flexible in work assignments to allow for
continual changes in work direction. Assists in all cyber security
efforts including continuous monitoring, reporting, participation
on project teams, incident management, and supporting the
Information System Security Manager (ISSM). Manages complex tasks
and assignments working independently.
MINIMUM QUALIFICATION REQUIREMENTS (EDUCATION AND/OR
Bachelors plus 5 years experience or a Masters degree plus 3 years
of experience or a PhD plus 2 years or 13 years relevant experience
in lieu of a degree.
Minimum of 1 year of relevant experience with programing and
application development. Familiarity and experience with web
HTML, and XML is preferred.)
Must be able to obtain and maintain a DOE Q security clearance.
Strong analytical and problem solving skills
Must have a desire for achieving excellence in customer
satisfaction, process and product quality and reliability
Must have experience in working with distributed team members
Must be extremely detail-oriented with respect to documentation and
Strong communication and interpersonal/team skills
Strong presentation skills
Ability to prepare and maintain policies and procedures with an
emphasis on cyber security controls per the DOEs Risk Management
SPECIAL REQUIREMENTS AND/OR TRAINING:
Must be knowledgeable of the U.S. Department of Energy (DOE) Cyber
Security controls and requirements and Department of Defense (DOD)
Security Technical Implementation Guides. The Information
Technology (IT) field and specifically the Cyber Security
discipline are rapidly changing environments. The employee is
required to obtain specialized training and certification in IT and
Cyber Security disciplines. The specific training and certification
will vary based upon current technologies and threat conditions.
Examples of the training and certification are Certified
Information System Security Professional (CISSP), and SANS Global
Information Assurance Certification (GIAC).
SELECTIVE SERVICE REQUIREMENTS
To be eligible for employment at INL males born after December 31,
1959 must have registered with the Selective Service System (SSS).
This includes U.S. born and naturalized citizens, parolees,
undocumented immigrants, legal permanent residents, asylum seekers,
refugees, and all males with visas of any kind which expired more
than 30 days ago. The few individuals who are exempt from this
requirement are those on current non-immigrant visas. For more
information see www.sss.gov.
EMPLOYEE JOB FUNCTIONS
Employee Job Functions are physical actions and/or working
conditions associated with the position. These functions may also
constitute essential functions for the job position which the
employee must be able to fulfill, with or without accommodation.
Information provided below is to help describe the job so that the
applicant has a reasonable understanding of the job
duties/expectations. An applicant's ability to perform and/or
tolerate these actions and conditions will be discussed and
workplace accommodations may be made on a case-by-case basis
following an individualized assessment of the applicant and other
considerations, including but not limited to any governing safety
MOTOR ABILITIES: Fine motor control (hands), Repetitive work.
SPECIAL SENSES: Visually demanding work, Near vision.
WORK CONDITIONS: Typing/keyboard, Working alone.
CERTIFICATION EXAM(S): Testing Designated Position (TDP).
PLEASE APPLY BEFORE:
August 5, 2019 (midnight, MST)
ENVIRONMENTAL, SAFETY AND HEALTH STATEMENT
Must be familiar with, and comply with all relevant health and
safety requirements. Must be knowledgeable of emergency action
policies and procedures, methods for reporting/resolving work
practices or conditions to available cognizant professionals.
When applying to positions please provide a resume and answer all
questions on the following screens. Applicants, who fail to provide
a resume or answer the questions, may be deemed ineligible for
INL is a science-based, applied engineering national laboratory
dedicated to supporting the U.S. Department of Energy's mission in
nuclear energy research, science, and national defense. With more
than 4,300 scientists, researchers and support staff, the
laboratory works with national and international governments,
universities and industry partners to discover new science and
develop technologies that underpin the nation's nuclear and
renewable energy, national security and environmental missions.
EQUAL EMPLOYMENT OPPORTUNITY
Idaho National Laboratory (INL) is an Equal Employment Opportunity
(EEO) employer. It is the policy of INL to provide equal employment
opportunities to all qualified applicants without regard to race,
color, religion, sex, sexual
Keywords: Battelle Energy Alliance, Idaho Falls , Cyber Security Policy Analyst, Professions , Idaho Falls, Idaho
Didn't find what you're looking for? Search again!