Security Clearance:
This position requires a current DOE Q or DoD Top Secret / SCI security clearance.
In its majority, work will be performed remotely, from the employee's place of residence. Pre-planned travel to Oak Ridge, Tennessee, or Amarillo, Texas, for on-site interaction, support, and instruction will be required up to 15% of the time.
THIS IS A HYBRID-REMOTE POSITION.
Global Engineering and Technology (GET) is seeking qualified applicants for Senior Systems Security Analyst / Security Engineer in support of the United States Department of Energy's cybersecurity program. This is a highly compensated, high-responsibility technical security position that is central to our mission's success.
- This senior position is responsible for the analysis and development of the integration, testing, operations, and maintenance of systems security within our team's highly dynamic operating environment
- Candidates will have senior-level experience in Security Information and Event Management (SIEM) and senior-level experience as an Information System Security Manager (ISSM)
Requirements
Security Clearance:
This position requires a current DOE Q or DoD Top Secret / SCI security clearance.
PLEASE NOTE:
This position requires senior-level experience in Security Information and Event Management (SIEM), senior-level experience as an Information System Security Manager (ISSM), and experience with Security Control Assessments.
Required Education and Experience (as demonstrated by technical expertise and certification, where applicable):
- Associate's degree with 15+ years, or Bachelor's degree with 10+ years of related cybersecurity experience, including at least 5 years performing hands-on information system security work, security systems engineering, and assessing security controls based on required cybersecurity principles.
Required Knowledge, Skillset, and Abilities (KSAs):
- Knowledge of computer networking concepts and protocols, and network security methodologies.
- Knowledge of Industrial Control System/Supervisory Control and Data Acquisition System threats, vulnerabilities, security controls and methods.
- Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
- Knowledge of cybersecurity and privacy principles.
- Knowledge of cyber threats and vulnerabilities.
- Knowledge of specific operational impacts of cybersecurity lapses.
- Knowledge of encryption algorithms
- Knowledge of cryptography and cryptographic key management concepts
- Knowledge of installation, integration, and optimization of system components.
- Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).
- Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, nonrepudiation).
- Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).
- Knowledge of security system design tools, methods, and techniques.
- Knowledge of software engineering.
- Knowledge of the systems engineering process.
- Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
- Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.
- Knowledge of security models (e.g., Bell-LaPadula model, Biba integrity model, Clark-Wilson integrity model).
- Knowledge of Personally Identifiable Information (PII) data security standards.
- Knowledge of information technology (IT) risk management policies, requirements, and procedures.
- Knowledge of laws, policies, procedures, or governance relevant to cybersecurity for critical infrastructures.
- Knowledge of configuration management techniques.
- Knowledge of security management.
- Knowledge of developing and applying user credential management system.
- Knowledge of implementing enterprise key escrow systems to support data-at-rest encryption.
- Knowledge of an organization's information classification program and procedures for information compromise.
- Knowledge of countermeasure design for identified security risks.
- Knowledge of network design processes, to include understanding of security objectives, operational objectives, and trade-offs.
- Knowledge of how to use network analysis tools to identi