Information System Security Officer, SMC

Idaho National Laboratory is hiring an Information System Security Officer to work on our SMC Security team. Our team works a 4x10 schedule located out of our Specific Manufacturing Capabilities (SMC) desert site facility with every Friday off.

You will ensure the appropriate operational security posture for INL National Security Systems (NSS) is maintained to include ensuring implementation of DOE and INL Site cybersecurity policies, practices, and procedures. Work with NSS owners and the NSS Information System Security Manager (ISSM) and serve as advisor on all matters, technical and otherwise, involving security of the NSS. You will report to the manager for SMC Security.

Responsibilities Include:

• Conduct audits of INL NSS to ensure compliance with, NIST SP 800-53, CNSSI 1253, DISA Security Technical Implementation Guides (STIG), and NNSA Cybersecurity Service Provider (CSSP) subscriber site requirements.
• Lead and direct the development of NSS accreditation packages (i.e., system security plan, security control assessment, risk assessment, etc.) in accordance with federal directives and the Risk Management Framework (RMF).
• Identify accreditation boundaries and type of accreditation.
• Integrate applicable NSS requirements, controls, and processes into design specifications in accordance with DOE established standards, policies, procedures, guidelines, directives, and regulations and laws (statutes).
• Understand the policies, procedures, and controls required to protect network and telecommunication services and assess technical, operational, and administrative security controls as mandated by RMF standards.
• Lead others in maintaining change control, ensuring configuration management of the NSS to protect the system and data in accordance with technical, operational, and administrative security control requirements.
• Perform a variety of data collection, analysis, reporting and briefing activities associated with security operations and maintenance to ensure that the organizational security policies are implemented and maintained on the NSS.
• Verify cybersecurity awareness training and requirements are current for NSS users based on identified needs and organizational policies and within organizational time frames. Develop NSS training material as needed to support end-user training requirements.
• Coordinate with the appropriate management and security offices to ensure NSS users have the required security clearances and need-to-know authorizations before accessing information systems. Collect and track required documentation for NSS user accounts.
• Provide PKI and Trusted Agent (TA) support. Function as PKI advisory and assistance service support to NSS users. Coordinate with Registration Authorities (RA) and other Trusted Agents to accomplish tasks. Submit and respond to tickets for PKI and TA request.
• Identify, categorize, investigate, isolate, assess, and report NSS cybersecurity incidents in coordination with other organizations. Coordinate with the appropriate security offices to ensure that physical controls are implemented as required.
• Participate in the creation, review, and assessment of policies and procedures supporting the secure use and operation of INL information systems that includes, but is not limited to, system security plans, vulnerability management, risk management, configuration management, change management, and others.
• Recommend and implement improvements in cybersecurity controls.
• Work in collaboration with system owners, Information System Security Engineers (ISSE), and Information System Security Managers (ISSM). Serve as an advisor on all matters, technical and otherwise, involving security of assigned information systems.
• Establish and maintain communication channels with stakeholders.
• Review existing and proposed policies with stakeholders.
• Promote awareness of cyber policy and strategy as appropriate among management and ensure sound principles are reflected in the organization's mission, vision, and goals.
• Interpret and apply applicable laws, statutes, and regulatory documents and integrate into policy.
• Support the ISSM in the formulation of classified cyber-related policies.

Minimum Requirements:

• Level 4: Bachelor's degree in related field technical degree, computer science, computer engineering and at least 9 years of direct professional experience, Master's degree in related field technical degree, computer science, computer engineering and at least 6 years of direct professional experience.
• DoD 8570.01 M IAM Level II Certified or able to obtain within 6 months of hire.
  • IAM Level II Certification is having one of the following: CAP, CASP+ CE, CISM, CISSP (or Associate), GSLC, CCISO, or HCISPP
• Must be a US Citizen and have an active DOE "TS/Q" or equivalent DOD/DOJ security clearance.

Ideal Candidate will have:

• Preferred DoD 8570.01 M CSSP Incident Responder Certification.
  • CSSP Incident Responder Certification is having one of the following: CEH, CCNA Cyber Ops, Cisco Certified CyberOps Associate, CySA+, PenTest+, GCIH, CFR, CHFI, or GCFA

Job Information:

• The pay range for this position is $93,204 min - $191,076 max. At Idaho National Laboratory compensation decisions are determined using factors such as education, relevant experience, and other credentials.
• TDP: This is a testing designated position; you will be required to submit to a pre-employment drug screen and periodic drug testing throughout the term of your employment.

Physical Requirements

While performing the duties of this classification, the employee is frequently required to stand, walk, sit, stoop, kneel, bend, and work in an office and laboratory environment. The job requires hand/finger dexterity to keyboard or type, handle materials, manipulate tools, and reach with hands and arms. The job requires operation of job-related equipment and driving a vehicle. The employee must occasionally lift and/or move up to 30 pounds without assistance. Sufficient visual acuity and hearing capacity to perform the essential functions and interact with people is required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Benefits and Relocation

• Medical, Dental, Vision, and Flexible Spending Accounts
• 401(k) with a 4.2% employer contribution and up to 4.8% match
• Paid time off (personal leave)
• Employee Education Program (tuition assistance)
• Comprehensive Relocation Package
• Benefit eligibility subject multiple factors, including employment status and position classification.

INL is a science-based, applied engineering national laboratory dedicated to supporting the U.S. Department of Energy's mission in nuclear energy research, science, and national defense. With more than 6,300 scientists, researchers, and support staff, the laboratory works with national and international governments, universities and industry partners to change the world's energy future and secure our nation's critical infrastructure.

INL Mission

Our mission is to discover, demonstrate and secure innovative nuclear energy solutions, other clean energy options and critical infrastructure.

INL Vision

Our vision is to change the world's energy future and secure our nation's critical infrastructure.

Selective Service Requirements

To be eligible for employment at INL males born after December 31, 1959 must have registered with the Selective Service System (SSS). For more information see www.sss.gov.

Equal Employment Opportunity

Idaho National Laboratory (INL) is an Equal Employment Opportunity (EEO) employer. It is the policy of INL to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.

Reasonable Accommodation

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Other Information

When applying to positions please provide a resume and answer all questions on the following screens. Applicants, who fail to provide a resume or answer the questions, may be deemed ineligible for consideration.

INL does not accept resumes from third party vendors unsolicited.