Under regular supervision, assists with the investigation, design, and development of software and/or hardware security. Support the security of SRS resources through designing/implementing/evaluating measures tied to the NIST Core Cyber. Framework: Identify, Detect, Respond and Recover.

Job Duties and Responsibilities
Safety is a primary responsibility in each job performed. Obtain safety training, obey safety rules. And make safety an integral part of each task. Take the necessary steps to stop work if continuing the job is unsafe or will create an unsafe condition. Under regular supervision, assists with the investigation, design, and development of software and/or hardware security technologies for SRS. Work with vendors to develop technical solutions for site computer security needs. Maintain the integrity of computer workstations, servers, and networks by maintaining access controls and software lifecycle process as needed. Ensure data integrity and confidentiality through implementing the use of both encryption and data retention technologies. Increase technical abilities through specialized vendor training, manuals and technical journals, software seminars, informational meetings, and practical experience. Ensure that site/company policies and procedures are tied to customer. Requirements and our evaluated for effectiveness and proper implementation.
Must be able to participate in group problem solving including communicating effectively with both technical and nontechnical personnel, respect the ideas of others and accept the judgment of the group. Must be familiar with available resource materials and be able to conduct timely research. Must have a sense of when to ask for help and be comfortable in accepting guidance from other more senior technical personnel.
Motivated and detail-oriented entry-level Cyber Security Professional to join our Network Monitoring team. This position is ideal for candidates with foundational knowledge in cyber security who are ready to further develop their skills in a dynamic, mission-focused environment. The role is designed for individuals at the entry level. Onsite with limited telework from your primary residence.
The successful candidate will work closely with experienced cybersecurity staff and receive training in cybersecurity policies, best practices, and real-world defensive strategies. This collaborative environment will help the candidate build a strong foundation in both technical and procedural aspects of cybersecurity, while contributing to the protection of critical infrastructure.

Education and Experience
Must be a US Citizen
Bachelors degree in IT related discipline (e.g., Information Technology, Computer Technology. Software Engineering, Computer Science, Computer Engineering); or
Non-related bachelors degree with 2 years proven performance in related assignment(s); or
Associate degree in IT related discipline (e.g. Information Technology, Computer Technology, Software Engineering,
Computer Science, Computer Engineering) with 2 years proven performance in related assignment(s); or
Non-related associate degree with 4 years proven performance in related assignment(s).
In lieu of degree, a high school diploma with at least 6 years of equivalent knowledge and experience is acceptable.
Assist in developing, documenting, and maintaining common control implementations and associated artifacts.
Support activities related to the NIST RMF lifecycle, including categorization, control selection, implementation, assessment, authorization, and continuous monitoring.
Conduct in-depth research on cybersecurity policies, NIST guidance, DOE/NNSA directives, and industry best practices.
Prepare and update security documentation such as control implementation summaries, procedures, and system security artifacts.
Collaborate with senior cybersecurity staff to ensure consistent application of cybersecurity requirements.
Participate in internal assessments, gap analyses, and compliance reviews.
Knowledge of basic cybersecurity protections, principles, or frameworks. (Required)
Knowledge of basic computer and networking concepts, principles, and practices. (Required)
Strong written communication and composition abilities. (Required)
Demonstrated willingness to learn complex cybersecurity requirements and regulatory environments. (Required)
Ability to work on-site with limited teleworking options. (Required)
Strong research and analytical skills. (Required)
Exposure to NIST SP 800-series guidance or the Risk Management Framework. (preferred)
Experience supporting cyber security concepts such as categorization, control
selection, implementation, assessment, authorization, and continuous monitoring (preferred)
Familiarity with governance, compliance, or technical documentation. (preferred)

Area Security
Access: Candidate must be able to obtain and maintain a DOE Q security clearance. An active DOE clearance is not initially required to perform assigned duties. After award, the selected candidate will be notified when to apply for a clearance based on specific work assignments

Work Hours
A 40-hour work week is scheduled. SRNS utilizes various work schedules including 5/8s (8 hour/day; five days per week), 4/10s (10 hours/day; four days per week), and 9/80s (9 hours/day, five days on week AA and four days on week BB. Work week excludes SRNS holidays. Each workday has 30 minutes lunch. Overtime will be expected at times to meet deliverables and will be utilized at the discretion of the Manager.

Work Environment / Physical Demands
This job operates in a professional office environment and uses standard office equipment such as computers and phones.
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.
o Ability to sit/ stand for up to 8 hours per day.
o Ability to move freely for up to 8 hours per day.

DISCLAIMER: The information contained herein is not intended to be an all-inclusive list of the duties and responsibilities of the job, nor are they intended to be an all-inclusive list of the skills and abilities required to do the job. While this is intended to be an accurate reflection of the current job, management reserves the right to revise the job or to require that other or different tasks be performed as assigned. This job description doesn't constitute a contract of employment and the company may exercise its employment-at-will rights at any time.