Information Systems Security Officer

Requisition Id 11661

Overview:

We are currently seeking qualified applicants with Information Systems Security Officer (ISSO) experience to support Secure Operations for classified operations in the areas of Classified Intelligence Information Technology (IT)/Information Assurance (IA), Classified R&D Computing, and physical and personnel security in the Field Intelligence Operations Division (FIOD). Under the Department of Energy (DOE), Office of Intelligence and Counterintelligence (IN) authorities, the FIE serves as the ORNL focal point for all intelligence community matters and supports national security science by providing secure IT, communications, facilities, and analysis.

Purpose:

Assist the Information Systems Security Manager (ISSM) in the certification and accreditation (C&A) of systems/networks and implementation of cyber security requirements and procedures across the National Security Sciences Directorate at Oak Ridge National Laboratory (ORNL). The National Security Sciences Directorate conducts research and development to solve some of the nations most difficult security challenges and adversaries. The directorate houses S&T leadership in cybersecurity and cyber-physical resiliency, data analytics, geospatial science and technology, nuclear nonproliferation, and high-performance computing for sensitive national security missions. NSSD draws on the Laboratorys exceptional facilities and work closely with leading researchers in other areas at the lab such as nuclear and chemical sciences and engineering, applied materials, advanced manufacturing, biosecurity, transportation, and computing. Our multi-disciplinary research teams are passionate about discovery and innovation as we create science-based solutions to complex security threats that put public safety, national defense, energy infrastructure, and our economy at risk.

Our commitment to diversity:

As we strive to become the worlds premier research institution in the sciences and technologies that underpin critical national security missions, we are committed to creating an inclusive environment that highly values a diverse workforce. We recognize that a breadth of perspectives, insights, and experiences are necessary to drive the level of innovation and discovery in national security sciences. Our commitment extends beyond our workforce to the next generation of researchers with STEM education outreach that seeks to engage a diverse range of students.

Duties and Responsibilities:

The ISSO is a primary stakeholder and facilitator of the continuous monitoring efforts that promote RMF compliance throughout the organization. The ISSO provides clear direction and assists programmatic IT and infrastructure support personnel with the application of security patches and secure configurations. Routine collaboration and consultation with the Information Systems Security Manager (ISSM) regarding the design, development, integration, and analysis of classified information systems. Under general supervision, the candidate is responsible for performing a full range of Information Assurance functions in support of the security needs of the ORNL FIE ISSM/Group lead.

These responsibilities include:

• Ensure systems are operated, maintained, and disposed of in accordance with DOE security policies and procedures and as outlined in applicable System Security Plans (SSPs).
• Establish and perform documented procedures for authorizing users to classified information systems. Perform annual user account reviews.
• Assist the ISSM in implementing and enforcing cyber security policies at multiple facilities.
• Develop and maintain SSPs for system C&A in the Xacta application.
• Manage Plans of Action and Milestones to closure for information systems under accreditation.
• Conduct periodic reviews to ensure system compliance with SSPs.

• Ensure configuration management procedures for security-relevant software, hardware, and firmware is maintained and documented. Perform as required on change control review boards and evaluate vulnerabilities to classified systems under configuration management.
• Ensure that system recovery processes are implemented and monitored to ensure that system data, security features, and procedures are properly restored. Develop contingency plans to meet recovery time objectives and ensure that contingency plans are tested and that results / lessons learned are incorporated into updates to the plans.
• Assist the ISSM with annual self-inspections, system certification testing, periodic security testing, and functional testing on systems/networks.
• Review and analyze information system audit records at least weekly.
• Perform approved Authorized Data Transfers between systems of same or different classification.
• Perform established procedures for media management.
• Document best practices and local security procedures; and training users on these procedures.
• Consistently apply appropriate ES&H standards.
• Maintain a strong commitment to the implementation and perpetuation of values and ethics.
• Deliver ORNLs mission by aligning behaviors, priorities, and interactions with our core values of Impact, Integrity, Teamwork, Safety, and Service. Promote diversity, equity, inclusion, and accessibility by fostering a respectful workplace - in how we treat one another, work together, and measure success.

Basic Requirements:

• Bachelors degree in information technology or technical equivalent with a minimum of three years of cyber security experience in the C&A process and other cyber security operations.
• Working knowledge of NIST and CNSSI requirements, general computer system functions, technical security safeguards, operational security measures, and possess the capability to interpret and implement cyber security requirements.
• Excellent written and oral communication skills.
• Demonstrated organizational skills.
• Must be organized, self-motivated and be able to work with minimal guidance.

Desired Skills:

• Current TS clearance with SCI eligibility

Special Requirement:

This position requires the ability to obtain and maintain a Sensitive Compartmented Information (SCI) clearance from the Department of Energy. As such, this position is a Workplace Substance Abuse (WSAP) testing designated position. WSAP positions require passing a pre-placement drug test and participation in an ongoing random drug testing program. In addition, due to the SCI, you may also be subject to random polygraph testing.

This position will remain open for a minimum of 5 days after which it will close when a qualified candidate is identified and/or hired.

We accept Word (.doc, .docx), Adobe (unsecured .pdf), Rich Text Format (.rtf), and HTML (.htm, .html) up to 5MB in size. Resumes from third party vendors will not be accepted; these resumes will be deleted and the candidates submitted will not be considered for employment.

If you have trouble applying for a position, please email ORNLRecruiting@ornl.gov.

ORNL is an equal opportunity employer. All qualified applicants, including individuals with disabilities and protected veterans, are encouraged to apply. UT-Battelle is an E-Verify employer.