Associate Common Controls Cyber Security Engineer

About The Position

Requirements

• Must be a US Citizen
• Bachelor’s degree in IT related discipline (e.g., Information Technology, Computer Technology. Software Engineering, Computer Science, Computer Engineering); or Non-related bachelor’s degree with 2 years proven performance in related assignment(s); or Associate degree in IT related discipline (e.g. Information Technology, Computer Technology, Software Engineering, Computer Science, Computer Engineering) with 2 years’ proven performance in related assignment(s); or Non-related associate degree with 4 years proven performance in related assignment(s). In lieu of degree, a high school diploma with at least 6 years of equivalent knowledge and experience is acceptable.
• Knowledge of basic cybersecurity protections, principles, or frameworks. (Required)
• Knowledge of basic computer and networking concepts, principles, and practices. (Required)
• Strong written communication and composition abilities. (Required)
• Demonstrated willingness to learn complex cybersecurity requirements and regulatory environments. (Required)
• Ability to work on-site with limited teleworking options. (Required)
• Strong research and analytical skills. (Required)

Nice To Haves

• Exposure to NIST SP 800-series guidance or the Risk Management Framework. (preferred)
• Experience supporting cyber security concepts such as categorization, control selection, implementation, assessment, authorization, and continuous monitoring (preferred)
• Familiarity with governance, compliance, or technical documentation. (preferred)

Responsibilities

• Safety is a primary responsibility in each job performed. Obtain safety training, obey safety rules. And make safety an integral part of each task. Take the necessary steps to stop work if continuing the job is unsafe or will create an unsafe condition.
• Under regular supervision, assists with the investigation, design, and development of software and/or hardware security technologies for SRS.
• Work with vendors to develop technical solutions for site computer security needs.
• Maintain the integrity of computer workstations, servers, and networks by maintaining access controls and software lifecycle process as needed.
• Ensure data integrity and confidentiality through implementing the use of both encryption and data retention technologies.
• Increase technical abilities through specialized vendor training, manuals and technical journals, software seminars, informational meetings, and practical experience.
• Ensure that site/company policies and procedures are tied to customer requirements and our evaluated for effectiveness and proper implementation.
• Assist in developing, documenting, and maintaining common control implementations and associated artifacts.
• Support activities related to the NIST RMF lifecycle, including categorization, control selection, implementation, assessment, authorization, and continuous monitoring.
• Conduct in-depth research on cybersecurity policies, NIST guidance, DOE/NNSA directives, and industry best practices.
• Prepare and update security documentation such as control implementation summaries, procedures, and system security artifacts.
• Collaborate with senior cybersecurity staff to ensure consistent application of cybersecurity requirements.
• Participate in internal assessments, gap analyses, and compliance reviews.

Benefits

• health, dental, vision, and life insurance
• 401(k) with employer match
• paid time off