SR Manager, Cybersecurity

Newport News Nuclear BWXT Los Alamos LLC•Los Alamos, NM

2d•Onsite

About The Position

The Sr. Manager, Cybersecurity is responsible for enterprise-wide cybersecurity leadership at N3B. They are responsible for establishing Cyber Security strategies, governance, and risk management oversight for all General Support System (GSS) and Industrial Control System (ICS) boundaries. The Sr. Manager, Cybersecurity provides executive oversight of Authorization to Operate (ATO) posture and risk acceptance, ensuring that cybersecurity risks are identified, prioritized, and communicated appropriately to the CIO and DOE oversite specifically the Authorizing Official (AO). The Sr. Manager, Cybersecurity provides leadership to the Cyber Security organization including Information System Security Manager (ISSM), Information System Security Officer (ISSO), Information System Security Engineer (ISSE), and Security Engineers. The Sr. Manager, Cybersecurity will be the Cyber Security advisor for N3B, working closely with the ISSM, and DOE oversite (EM-LA). The candidate will report directly to the CIO.

Requirements

Candidate must demonstrate the ability to lead cross-functional project teams
Must have experience at directing the work of other highly skilled, technical employees
Must have an expert knowledge of system functions, Cyber Security policies, and Cyber Security protection requirements
Must have excellent communications skills in order to effectively interact with business, Information Technology personnel, and Government agencies.
Ability to assist in orienting, training, assigning and checking the work of lower level employees.
Ability to communicate effectively (e.g., address concerns and provide updates regularly to keep team members informed and engaged).
Ability to motivate and inspire action and create a positive environment where people can excel
Must be able to maintain confidentiality when working with sensitive information.
All qualified applicants will be considered; however, the successful candidate must be able to obtain and maintain a Q clearance from the United States Department of Energy.
Bachelors' degree in Information Systems, Computer Science, Management Information Systems, or a related discipline combined with 10 years of related experience, or Masters' degree in Information Systems, Computer Science, Management Information Systems, or a related discipline with 8 [DS2] [DS3] years of related experience. Experience should include a minimum of 5 years of supervisor responsibility.
Furthermore, the ISSM, must currently hold the CISSP or GSLC certification.
Education Equivalency: 1 years of relevant experience for 1 year of college.

Nice To Haves

Preferred experience is with DOE or NNSA.

Responsibilities

Establishes and maintains the enterprise Cyber Security strategy and roadmap
Provides oversight of Cyber Security risk posture across all boundaries
Ensures proper separation of duties between leadership, Risk Management Framework (RMF) execution, engineering, and operations
Oversees Cyber Security incident escalation and executive decision-making
Reviews Cyber Security metrics, POA&M trends, and risk indicators
Aligns Cyber Security initiatives with Zero Trust and federal requirements
Supports audits, assessments, and inspections
Experience supporting regulated or critical infrastructure environments
Ability to manage technical and compliance requirements
Ability to maintain confidentiality with sensitive information
Oversight of the tasks performed by N3B personnel supporting Cyber Security requirements on N3B information systems
Organizing and leading cross-functional teams to plan and implement Cyber Security initiatives at N3B
Works and communicates collaboratively with all of IT and federal staff
Ensures Information System Security Manager (ISSM), Information System Security Officer[DS1] (ISSO), Information System Security Engineer (ISSE), and Security Engineers as well as other key members of IT, are aware of and fulfills his/her Cyber Security duties.
Ensures the development, documentation and presentation of Cyber Security education, awareness, and training activities for management, Cyber Security personnel, application owner, data steward, and users.
Establishes, documents, and monitors the Cyber Security program implementation and ensures compliance with the applicable organization policies and Government regulations. Upon completion of each assessment or review, the ISSM must ensure that a corrective action plan is prepared and implemented for all findings or vulnerabilities.
Ensures the C&A packages are coordinated with other Site Plans/Programs
Ensures that the cognizant Government official(s) is notified when the information system is no longer needed or when changes occur that might affect the accreditation of the information system.
Ensures that each information system user acknowledges, in writing or electronically his/her responsibility for the security of information systems and information;
Participating in system design specification development with information system owners and subject matter experts to develop creative security systems to solve business problems while meeting site security requirements.
Work directly with the N3B management staff and N3B IT staff to ensure the N3B Cyber Security strategy is aligned and supports the operating unit and service center goals.