Associate Computer Security Engineer � Common Controls, Cyber Security

EGS•Aiken, SC

22h•Onsite

About The Position

EGS is seeking an Associate Computer Security Engineer - Common Controls & RMF Compliance to support cybersecurity governance, Risk Management Framework (RMF) implementation, and common control activities at the Savannah River Site. This position is ideal for an early-career cybersecurity professional interested in cybersecurity governance, compliance, technical documentation, and NIST-based security programs. The selected candidate will support implementation and maintenance of NIST RMF requirements and enterprise common control boundaries within a highly regulated DOE environment. The successful candidate will work closely with experienced cybersecurity personnel and receive mentorship related to Department of Energy (DOE), National Nuclear Security Administration (NNSA), and Environmental Management (EM) cybersecurity standards, governance processes, and regulatory requirements.

Requirements

Bachelor's degree in Information Technology, Computer Science, Cybersecurity, Computer Engineering, Software Engineering, or related discipline
Non-technical Bachelor's degree with 2+ years of related experience
Associate's degree in IT-related field with 2+ years of related experience
Non-technical Associate's degree with 4+ years of related experience
High School Diploma/GED with 6+ years of equivalent experience
Basic understanding of cybersecurity principles, protections, and frameworks
Foundational knowledge of computer systems, networking, and information security concepts
Strong written communication and technical composition skills
Strong analytical and research capabilities
Ability to learn and adapt to complex cybersecurity requirements and regulatory environments
Ability to work effectively within a collaborative team environment
Ability to work onsite with limited telework availability
Must be able to obtain and maintain a DOE Q Clearance

Nice To Haves

Exposure to NIST SP 800-series guidance or NIST RMF processes
Familiarity with cybersecurity governance, compliance, or technical documentation activities
Understanding of RMF lifecycle components including categorization, control implementation, assessment, authorization, and continuous monitoring
Experience supporting cybersecurity compliance initiatives or internal assessments
Previous DOE, federal, defense, or nuclear industry experience
Active DOE Q or L Clearance preferred
Subcontractor must maintain active eFOCI registration and approved Facility Clearance with DOE/NNSA

Responsibilities

Assist with implementation and maintenance of NIST Risk Management Framework (RMF) activities
Support development, documentation, and maintenance of enterprise common control implementations
Participate in RMF lifecycle activities including: System categorization, Control selection, Control implementation, Security assessment, Authorization support, Continuous monitoring
Support cybersecurity governance and compliance initiatives across the enterprise
Prepare and maintain cybersecurity documentation including control implementation summaries, procedures, and security artifacts
Conduct research related to NIST guidance, DOE/NNSA directives, cybersecurity policies, and industry best practices
Assist with development and updates to cybersecurity procedures and compliance documentation
Support internal assessments, gap analyses, and compliance reviews
Collaborate with cybersecurity teams and senior technical staff to ensure consistent implementation of cybersecurity requirements
Assist with cybersecurity governance and policy alignment activities
Support continuous improvement initiatives related to cybersecurity compliance and risk management
Stay current with evolving cybersecurity frameworks, standards, and regulatory environments
Communicate effectively with technical and non-technical stakeholders