Share this Job

Deputy National Security Systems Information Systems Security Officer

Date: Nov 17, 2022

Location: Oak Ridge, TN, US, 37830

Company: Oak Ridge National Laboratory

Requisition Id 9292 

Overview: 

Oak Ridge National Laboratory is currently seeking qualified applicants to serve as a Deputy National Security Systems (NSS) Information Systems Security Officer (ISSO) and TEMPEST Coordinator. The successful candidate should have a basic understanding of cyber security principles, DOE cyber security requirements, security planning, TEMPEST, and networking principles. Duties will include assisting the NSS ISSO with maintaining a secure, compliant NSS cyber security program, analysis, design, and implementation of NSS networks, TEMPEST assessments, documentation, and reporting.  The successful candidate will be expected to collaborate with other teams across the lab, to include Information Technology, Physical Security, Classification Office, Cybersecurity, Lab Internal Audit, and others as appropriate.

 

Major Duties/Responsibilities: 

  • Aid the NSS ISSO/Program Coordinator in the certification and accreditation (C&A) of systems/networks and implementation of cyber security requirements and procedures across the Oak Ridge National Laboratory (ORNL)
  • Ensure systems are operated, maintained, and disposed of in accordance with DOE and ORNL security policies and procedures and as outlined in applicable SSPs
  • Establish and perform documented procedures for authorizing users to NSS information systems
  • Develop and maintain SSPs for system C&A
  • Provide guidance on policies and controls to support appropriate levels of risk, facilitate risk tolerance discussions and decisions, and recommend controls based on industry standards and practices
  • Participate in internal/external compliance audits, reviews, self-assessments, assessments, and data calls
  • Identify, promote, and implement process improvements
  • Manage the operation activities of the ORNL TEMPEST program including assessment and reviews, countermeasure implementation  and ensuring compliance with applicable TEMPEST orders and national instructions
  • Coordinate and be the contact for TEMPEST matters involving instrument testing
  • Ensure significant incident and threat information received from the DOE Technical Security Program office is disseminated to appropriate personnel
  • Stay current with all required TEMPEST training and certifications
  • Manage firewalls, update firewall rules, update IDS rules, ensure firewalls are STIG compliant
  • Manage switches, enable and lock ports, perform configuration backups
  • Maintain compliance of all network equipment with applicable DOE and ORNL requirements, track office drops, document all thin/thick clients, printers and VTC units
  • Track network IP addresses
  • Manage fiber drops, maintaining inventory of patch cables, submit and track equipment orders, racks, fiber trunks panels as well as work orders for fiber terminations and installs
  • Other duties as assigned for support within the program

 

Basic Qualifications:

  • Bachelor’s degree in IT, Cyber, or related field and at least 8 years of experience in one or more of the following fields; cyber policy, risk management, governance and compliance, security controls assessment, networking, or system administration (a combination of education and experience may be considered for exceptional candidates)
  • Strong analytical and organizational skills as well as problem solving capabilities to understand network principles, cyber risk and exposure (legal, regulatory violations, etc.) to ORNL
  • Facilitation and project management knowledge, skills, and abilities
  • Demonstrated excellent interpersonal, verbal, written and presentation communication skills and demonstrated ability to interact with all levels of internal and external stakeholders
  • Strong customer service, networking, and teamwork skills with all levels of internal and external personnel, demonstrated ability to work with all levels of an organization
  • Thorough understanding of industry standards and regulations including NIST 800-53, NIST Risk Management Framework, and CNSS Instructions
  • Ability to work independently and meet deadlines
  • Exceptional communication, problem-solving and negotiation skills
  • High ethical standards and operates with integrity and professionalism
  • Must be able to obtain and maintain a DOE Q security clearance

 

Preferred Qualifications:

  • Master’s Degree in Information Assurance or related field
  • Minimum seven years’ experience working in an information security, information technology or information risk management related field
  • Cyber Security certifications (CISA, CISM, CRISC, CISSP)
  • TEMPEST and COMSEC certifications and experience
  • Cyber security, evaluating security controls, identifying control gaps, and mitigating measures along with a strong understanding of business practices and technology concepts
  • Highly motivated individual with an enthusiasm for governance, risk and compliance who can communicate benefits and drive success
  • Experience gaining an Authority to Operate (ATO) for a government system
  • Proven track record of prioritizing tasking and meeting established deadlines
  • Active DOE Q or TS clearance

 

Special Requirements:

Q clearance:

This position requires the ability to obtain and maintain a clearance from the Department of Energy. As such, this position is a Workplace Substance Abuse (WSAP) testing designated position. WSAP positions require passing a pre-placement drug test and participation in an ongoing random drug testing program.

 

#LI-DC1 

 

This position will remain open for a minimum of 5 days after which it will close when a qualified candidate is identified and/or hired.

We accept Word (.doc, .docx), Adobe (unsecured .pdf), Rich Text Format (.rtf), and HTML (.htm, .html) up to 5MB in size. Resumes from third party vendors will not be accepted; these resumes will be deleted and the candidates submitted will not be considered for employment.


If you have trouble applying for a position, please email ORNLRecruiting@ornl.gov.


ORNL is an equal opportunity employer. All qualified applicants, including individuals with disabilities and protected veterans, are encouraged to apply.  UT-Battelle is an E-Verify employer.


Nearest Major Market: Knoxville