Cyber Security Specialist - ISSO

This position provides Information Systems Security and cyber security support for the Enterprise Information Services for the Department of Energy (DOE) Savannah River Operations Office (DOE-SR), at the Savannah River Site (SRS) in Aiken, SC.

Responsibilities: 

• The ISSO for DOE-SR is responsible for ensuring that the appropriate operational security posture is maintained for their assigned boundaries and/or sub-boundaries. This individual also serves as an advisor on all matters, technical and otherwise, involving the security of the boundaries.
• Performing security analyses to ensure that cyber security requirements are applied to all systems and system components within the accreditation boundaries under their purview.
• Developing outcome-based measures (metrics) to determine the effectiveness and efficiency of the cyber security program and security controls.
• Determining the level of compliance with system security plan(s) control measures
• Identifying risks and mitigations
• Compiling the documentation required for the authorization package
• Ensuring that each system under ISSO jurisdiction is covered by an authorization package
• Ensuring that the inventory of system components is maintained for the systems under ISSO jurisdiction
• Maintaining a copy of the authorization package documentation for systems under ISSO jurisdiction
• Distributing copies of contingency plans to key personnel [NIST SP 800-53, CP-2. b]
• Ensuring the implementation of protection measures that are documented in approved system security plans for systems under ISSO jurisdiction. This includes ensuring determination of the confidentiality, integrity, and availability during the development of system security plans
• Ensuring that system security plans are reviewed annually and updated as necessary by a properly appointed Government official.
• Ensuring that information access controls and cyber protection measures are implemented for systems as described by its authorization package
• Ensuring that users are granted access to systems’ resources based on the least privilege principle
• Identifying unique threats to systems, and documenting threats in the authorization packages and supporting documentation
• Documenting any special protection requirements identified by the application owner, data owner, or data steward, in the system security plans, and ensuring that these requirements are included within the protection measures implemented in the systems
• Ensuring the implementation of Government approved cyber security policies and procedures
• Ensuring that the appropriate System Owner (SO) is notified when changes occur that might affect the accreditation of the system
• Communicating individual incidents in accordance with incident response procedures and DOE-SR Incident Response processes
• Ensuring implementation of security configuration baseline settings for each system
• Ensuring that unauthorized personnel are not granted use of or access to the system
• Serving as the individual responsible to the SO and Information Owner/Steward (IO/S) for ensuring that the appropriate operational security posture is maintained for a system.
• Assist the Authorizing Official Designated Representative (AODR) and Information System Security managers (ISSM)s in the development and coordination of Computer Security Risk Assessments, Accreditation approvals, certifications, routine auditing of systems and program corrective action validation.
• Perform technical assessments and testing of assigned systems in the unclassified and classified accreditation boundaries to satisfy requirements governed by the DOE Cybersecurity Program or other HQ policies and procedures directed by the COR.
• Assist in the review and evaluation of comments relative to external reports, profiles and assessments, and provide support to collect data and provide input to reports as directed by COR.
• Provide cyber security support on technical projects and mandated requirements by attending meetings, developing policies, and tracking contractor actions
• Facilitate the annual review of the comprehensive Information Governance Policy for the Federal Boundary. 
• Perform Security Configuration Management support for Federal Boundary to include research and development of applicable baselines, configuration scanning, and notification to owner and personnel accountable, tracking remediation, reporting and validation.
• Support the Incident Response Team Lead (IRTL) in conducting annual Cyber Incident Response drills for Federal Boundary and documents lessons learned.
• Maintain the Federal Boundary's Authorization to Operate (ATO)
• Document any special protection requirements identified by the application owner, data owner, or data steward, and ensuring that these requirements are included within the protection measures implemented in the information systems
• Ensure that the inventory of components is maintained for the information systems under Federal Boundary's ISSO jurisdiction

Knowledge, Skills and Abilities:

• Excellent written and oral communication skills.

• Familiarity with the NIST 800 Series
• Attention-to-detail is critical, proven ability to look closely at your work to identify and correct errors, spot and improve weaknesses and produce a near-perfect end-result.
• Ability to identify problems, brainstorm and analyze answers, and implement the best solutions

Clearance:

• Must possess (or be able to obtain) a “Q” level security clearance.

 Education:

• Bachelor’s degree or equivalent and at least 3 years of experience as an ISSO/M. May substitute one year of hands-on experience in a relevant field for each year of formal training.

 Experience:

• Minimum of 7 years of experience in IT security or related field.

 Certification:

• Minimum of one of the following certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM)