See all jobs in Oak Ridge TN
Job Location: Oak Ridge, TN
Requisition Id 1328
The Information Technology Services Division (ITSD) in the Business Services Directorate at the Oak Ridge National Laboratory is seeking qualified applicants for the position of Cyber Security Analyst to immediately assist in supporting the ongoing research endeavors at ORNL. This analyst will be at the forefront of ensuring that research needing to be accomplished on ORNL systems is documented and assessed to ensure necessary compliance. This job requires excellent writing and communication skills combined with a mindset that is both concise and sufficient in passing along required assessments, documentation, etc.
- Monitor and allocate risk management compliance requirements, develop and implement policies, procedures, guidance, and templates which implement risk management requirements.
- Maintain risk management documentation.
- Assist in training of ORNL staff in compliance requirements.
- Assist in risk assessment process by developing and maintaining templates, reviewing and revising system security plans, and working with system owners to develop mitigations to security issues in their systems.
- Support data calls and audits via assistance in data collection, organization, and presentation.
- Develop security plans, security test plans, and other accreditation documents for ORNL computer systems.
- Assist in the organization and maintenance of system accreditation documentation.
- Assist in establishing continuous monitoring programs using cyber security monitoring tools.
- Perform Information Technology Security Assessments of National Security Systems (NSS).
- Ensure a risk-based compliance with cyber security policy and best value implementation of cyber security tools to
- support continuous monitoring, intrusion prevention, and containment of any computing resources in the ORNL environment.
- Utilize scanning tools to determine network vulnerabilities and coordinate a risk-based response to remediation.
- Utilize configuration management database to perform assessments against cyber security controls, identify vulnerabilities and security findings, and ensure risk-based remediation.
- Conduct risk-based analysis of network security posture.
- Be able to support on-call rotation work.
- Bachelor`s Degree in Computer Science or related field
- 6 years of relevant computer security experience, or an equivalent combination of education and experience.
- Requires background experience in security control assessment or system security planning.
- Must be able to obtain and maintain a DOE Q/SCI clearance.
- Demonstrated experience identifying and resolving technical issues in a project team environment, while remaining flexible and meeting the needs of the business.
- Highly motivated individual with an enthusiasm for cyber security and risk management, who strives for excellence, possesses a deep understanding of all aspects of cyber security technologies and will drive success.
- Ability to work independently, as well as having outstanding teamwork skills.
- Excellent interpersonal skills; must interface well with all management levels, system owners, administrative personnel, highly technical cyber security analysts, and risk management analysts.
- Ability to provide outstanding customer support and possess the ability to work well with peer security professionals,
- system administrators, desktop support specialists, and help desk specialists.
- In-depth understanding of network technologies, as well as in-depth understanding of cyber security threat landscape to support risk management decisions and mitigation strategies.
- Experience in FedRAMP and assessing cloud security controls.
- 7 or more years of relevant computer security experience.
- Ability to evaluate policy requirements, develop and implement documentation, and communicate technical concepts orally and in writing.
- Solid understanding of security architecture, policies, and security capabilities of major operating systems.
- Familiarity with operations and technical aspects of cyber security technologies such as authentication systems, firewalls, incident response, intrusion detection, network and host-based security.
- Familiarity with business continuity planning, risk management, qualitative risk assessments, and governance, risk
- management and compliance processes.
- Familiarity with implementing mitigating controls such as perimeter defenses, virus protection, vulnerability scanning,
- Familiarity with FIPS 199, NIST SP 800-37, NIST SP 800-26, NIST SP 800-53, NIST SP 800-18, 0MB Circular A-130, 0MB Circular A-123, CNSSI 1253.
- Familiarity with risk-based security implementation in collaboration with customers doing work/research is desirable.
- Familiarity with DOE environment and certification and accreditation processes. Knowledge of certification and
- accreditation processes used in other Federal Agencies.
- Demonstrate knowledge and expertise commensurate with CISSP, CISA, or CISM certification is desirable and have an enthusiasm for adding to their skillset.
It is required of this position the ability to obtain and maintain a clearance from the Department of Energy, which requires US Citizenship. As such, this position is a Workplace Substance Abuse program (WSAP) testing designed position which requires passing a pre-placement drug test and participation in an ongoing random drug testing program in which employees are subject to being randomly selected for testing. The occupant of this position will also be subject to an ongoing requirement to report to ORNL any drug-related arrest or conviction or receipt of a positive drug test result.
This position will remain open for a minimum of 5 days after which it will close when a qualified candidate is identified and/or hired.
We accept Word (.doc, .docx), Adobe (unsecured .pdf), Rich Text Format (.rtf), and HTML (.htm, .html) up to 5MB in size. Resumes from third party vendors will not be accepted; these resumes will be deleted and the candidates submitted will not be considered for employment.
If you have trouble applying for a position, please email THIS EMAIL .
ORNL is an equal opportunity employer. All qualified applicants, including individuals with disabilities and protected veterans, are encouraged to apply. UT-Battelle is an E-Verify employer.
Oak Ridge National Laboratory
ORNL is an equal opportunity employer. All qualified applicants, including individuals with disabilities and protected veterans, are encouraged to apply. UT-Battelle is an E-verify Employer.