Location: Erwin, TN 37650 US (Primary)
Travel Required: 10 - 20%
Job Type: Full-time Salaried - Security Clearance Required
Career Level: Manager (Manager/Supervisor of Staff)
Education: Bachelor's Degree
Job Category: Information Technology
Job Description / Duties
The Information Systems Security Manager (ISSM) will be responsible for administering the Information Security program at NFS, serving as certification authority for all information system accreditations, and implementing all Cyber Security programs necessary to support U.S. Government regulatory requirements (DOE/NNSA, NRC, etc.). The candidate will report directly to the Information Security Program Manager and will be responsible for the following duties:
Oversight of the tasks performed by NFS personnel supporting Information Security requirements on B&W information systems
Organizing and leading cross-functional teams to plan and implement cyber security initiatives at NFS
Maintains record copies of the Cyber Security Program Plan (CSPP) and ensures that a record copy of each System Security Plan (SSP) is maintained.
Ensures each Information System Security Officer (ISSO) and system administrator is aware of and fulfills his/her cyber security duties.
Ensures the development, documentation and presentation of information systems security education, awareness, and training activities for management, cyber security personnel, application owner, data steward, and users.
Establishes, documents, and monitors the cyber security program implementation and ensures compliance with the applicable organization policies and Government regulations. Upon completion of each assessment or review, the ISSM must ensure that a corrective action plan is prepared and implemented for all findings or vulnerabilities.
Identifies and documents specific threats to information systems and information at the Site, develops and documents additional or modified protection measures for those threats, and obtains approvals for the modified protection measures from the cognizant DAA.
Ensures the CSPP is coordinated with other Site Plans/Programs.
Ensures the development of procedures to implement the cyber security program on all information systems.
Certifies to the cognizant Government official that the protection requirements described in the SSP for each information system have been implemented and are operational.
Ensures that the cognizant Government official is notified when the information system is no longer needed or when changes occur that might affect the accreditation of the information system.
Ensures the development, documentation, and presentation of cyber security training for escorts in information systems operational areas.
Ensures that each information system user acknowledges, in writing or electronically, his/her responsibility for the security of information systems and information.
Implements and maintains a Cyber Security self-assessment program, identifies corrective actions resulting from the self-assessments, and reports on the program status.
Leads the NFS Cyber Security Incident Response Team (CSIRT) and communicates incident reports to the appropriate organization and Government authorities.
Participating in system design specification development with information system owners and subject matter experts to develop creative security systems to solve business problems while meeting site security requirements.
Works directly with the NFS management staff and NFS IT staff to ensure the NFS Information Security strategy is aligned with and supports the operating unit and service center goals.
Job Qualifications / Requirements
The successful candidate must have:
• Strongly prefer a Bachelor's degree combined with at least 10 years of IT security/systems experience.
• Experience managing or supervising a team of skilled technical employees.
• The ability to lead large cross-functional project teams and to demonstrate success.
• Working knowledge of system functions, cyber security policies and cyber security protection requirements.
• Excellent communication skills and the ability to interact effectively with all levels of B&W employees, Information Technology personnel, and Government agency personnel.
• Hold CISSP or GSLC certification or demonstrate an equivalent level of knowledge, skills and expertise with a commitment to obtain the CISSP or GSLC certification within 6 months of hire.
• Maintain utmost confidentiality.
To be considered for this position, go to www.babcock.com, click on “Careers,” then “Get Started.” Enter job code XXX - Information System Security Manager (ISSM) to apply for the position.
The Babcock & Wilcox Company (B&W) embraces diversity of thought, values individuality, encourages new perspectives and provides equal opportunity in employment for all qualified employees and applicants without regard to race, color, religion, gender, sexual orientation, age, national origin, disability, veteran status, genetic information, or any other category protected by federal, state, and/or local law.
Applicants selected will be subject to a Federal background investigation and must meet eligibility requirements for access to classified information or matter. Position requires U.S. Citizenship (no dual citizenship) and the ability to obtain and maintain a Department of Energy (DOE) security clearance, which involves an extensive criminal and financial background investigation and previous employment reference verifications.