[ Back ] [ The Roadtechs Nuclear Job Board ] [ Help ] [Edit ] [Mark Position Closed ]
Senior Engineer- Cyber Security
RFQ Number 527122
3 Years -0 options
US Citizenship Required: Yes
DUTIES AND RESPONSIBILITIES
Support the customers network requirements and mission needs. The Cyber Security Analyst is an integral role in a cross-functional team for unclassified and classified Operational Technology (OT) systems. Services shall be provided using SRNS processes and procedures. Qualified candidate will be responsible for the following duties and responsibilities, but are not limited to:
Reviewing, preparing, and updating cyber security program documents in accordance with NIST Risk Management Framework and customer policy, procedures, and guidelines.
Perform self-assessments to ensure compliance with cyber security controls.
Perform risk management identifying, documenting risks, and mitigating risks.
Oversee baseline configuration management compliance - conduct manual STIG checklists and remediation.
Ensure OT systems and network nodes are operated, maintained, and disposed of in accordance with security policies and practices.
Develop, deliver, and monitor compliance with security trainings as necessary.
Provide leadership, mentoring, and quality assurance for team members as a security expert.
Manage and maintain required documentation and databases for both internal use and distribution.
Assemble configuration management and Assessment & Authorization (A&A) packages to submit to ISSO and federal oversight.
Support risk assessment and evaluation activities throughout the Security Authorization or site accreditation process.
Identify and analyze existing OT Security processes and procedures to ensure it meets new OT security goals and objectives.
Associate Degree in Computer Science, Engineering, Information Technology or similar discipline and 12 years of professional experience in a technical role. In lieu of degree, a high school diploma with typically greater than 16 years of equivalent knowledge and experience is acceptable.
Certifications such as: Security+, CASP+, GIAC Certifications, CISSP preferred.
Extensive knowledge and experience with information security standards, policies and practices (e.g. NIST, FISMA,) preferred.
Well versed with using vulnerability assessment tools (e.g. NESSUS, DISA STIG, SCAP) preferred.
Knowledgeable with Systems Development Lifecycle (SDLC) methodologies and continuous monitoring activities preferred.
Extensive experience analyzing information technology and system risk in complex environments and articulating results (verbal/reports) to all levels of management preferred.
Demonstrated experience conducting security controls assessments and applying standard auditing techniques during system security controls assessments, including the proper interpretation of the control requirements, determining if the artifacts provided are sufficient, and recommending remedial actions to the customer to ensure compliance.
Ability to research and address information security issues as required, being an authority on the subject.
A 40-hour work week is scheduled. SRNS utilizes various work schedules; including 5/8s (8 hours/day; five days per week), 4/10s (10 hours/day; four days per week), and 9/80s (9 hours/day, five days on week A and 4 days on week B). Workweek excludes SRNS holidays and each workday has a 30-minute unpaid lunch break. SRNS Management will determine best schedule depending on work needs.
Area Security Access:
Candidate must have the ability to obtain and maintain a DOE Q security clearance. Supplier shall possess a positive FOCI determination from DOE which includes Q security clearance level. An active DOE clearance is not initially required to perform assigned duties.
For Immediate consideration, please submit resumes to email@example.com and firstname.lastname@example.org.
UDR Consulting, INC is a Service-Disabled Veteran-Owned, Woman-Owned, Minority-Owned, Small Disadvantaged Business. An Equal Opportunity Employer that supports a drug-free work environment.
****** www.UDRConsultinginc.com ******