Cybersecurity Compliance Analyst

About The Position

Requirements

• Bachelor’s degree in Information Technology/Systems/Assurance, Cybersecurity, or related field from an accredited college or university.
• A minimum of four (4) years of relevant experience.
• Requires a security clearance; however, all candidates will be considered regardless of their current clearance status.
• The ability to obtain and maintain a Department of Energy security clearance is required.
• U.S. citizenship is a requirement for security clearance applicants.

Nice To Haves

• Advanced degree in Cybersecurity or closely related field from an accredited college or university, preferred.
• Previous experience in security or compliance auditing; with a strong focus on cybersecurity, network and system compliance.
• Working knowledge of NIST SP 800-171, RMF, CMMC and other related frameworks.
• Strong leadership, communication, and project management skills.
• A proven track record of effective written and verbal communication skills.

Responsibilities

• Analyze the security programs, systems, policies, and procedures of Program suppliers to assess their capability to protect sensitive information and meet security requirements.
• Work closely with suppliers to address vulnerabilities identified via supplier security audits and/or supplier network vulnerability scans.
• Review and approve security plans submitted by NNPP suppliers detailing their plan to control NNPI under their stewardship.
• Team with procurement counterparts to ensure application of appropriate security requirements are conveyed in contracts.
• Conduct assessments of supplier compliance with security requirements as defined in contractual documents and the approved supplier security plans. Specific focus areas may include but are not limited to cybersecurity, information security/assurance, physical security, and training.
• Coordinate and provide timely responses to supplier security issues as necessary to ensure the protection of NNPI, including working with suppliers to take necessary remediation actions to directly address reported issues.
• Team with equipment departments, IT, suppliers, and other government agencies to achieve commonality across the NNPP and to support effective security at all suppliers.
• Maintain currency on security issues and ideas: conduct research into new concepts, equipment, or methods to provide appropriate guidance to address current security vulnerabilities and mitigate future supplier security issues.
• Semi-frequent travel to supplier facilities (average 15-25%).

Benefits

• Competitive and attractive pay and benefits with a stable organization.
• Opportunities to participate in BPMI sponsored committees and clubs, each with their own mission and purpose.
• Career advancement and professional development programs.