Itr Co. Ltd - Oak Ridge, TN

posted 25 days ago

Full-time - Mid Level
Oak Ridge, TN
Food Services and Drinking Places

About the position

The Cyber Security Policy Officer plays a crucial role in assisting the Information Systems Security Manager (ISSM) and the Chief Information Security Officer (CISO) in the certification and accreditation of systems and networks, as well as the implementation of cybersecurity requirements across the Department of Energy (DOE) facility. This position is integral to safeguarding critical infrastructure and sensitive information, promoting collaboration, and ensuring compliance with cybersecurity best practices.

Responsibilities

  • Assist the ISSM and CISO in the certification and accreditation (C&A) of systems/networks.
  • Implement cybersecurity requirements and procedures across the DOE facility.
  • Ensure systems are operated, maintained, and disposed of according to DOE security policies and procedures.
  • Perform documented procedures for authorizing users to access information systems.
  • Develop and maintain System Security Plans (SSPs) for system C&A.
  • Manage Plans of Action and Milestones to closure for information systems under accreditation.
  • Provide guidance on policies and controls to support appropriate levels of risk.
  • Facilitate risk tolerance discussions and recommend controls based on industry standards.
  • Participate in internal/external compliance audits and assessments.
  • Identify and recommend process improvements.
  • Assist with annual self-inspections and security testing on systems/networks.

Requirements

  • Bachelor's degree with 5-7 years of relevant experience in cybersecurity assessments, risk management, and compliance.
  • Ability to obtain and maintain a DOE Q security clearance or equivalent.
  • Strong analytical and organizational skills with problem-solving capabilities.
  • Demonstrated experience implementing compliance frameworks such as NIST.
  • Excellent interpersonal, verbal, written, and presentation communication skills.
  • Thorough understanding of industry standards and regulations including NIST 800-53 and NIST Cybersecurity Framework.

Nice-to-haves

  • Active DOE Q or TS security clearance or equivalent.
  • Master's degree in information assurance or related field with 4-6 years of relevant experience.
  • Significant experience with control systems security.
  • Cybersecurity certifications such as CISSP, CISA, CISM, CRISC, CCSP, SSCP.
  • Experience in obtaining Authority to Operate (ATO) for DOE government systems.

Benefits

  • Health insurance
  • 401k
  • Paid holidays
  • Flexible scheduling
  • Professional development opportunities