Location:
Erwin,
TN 37650 US (Primary)
Travel
Required:
10 - 20%
Job
Type: Full-time Salaried- Security
Clearance Required
Career
Level: Manager
(Manager/Supervisor of Staff)
Education:
Bachelor's
Degree
Job
Category: Information
Technology
Job
Description / Duties
The
Information Systems Security Manager (ISSM) will be responsible for
administering the Information Security program at NFS, certification authority
for all information system accreditations, and implementing all Cyber Security
programs necessary to support U.S. Government regulatory requirements,
(DOE/NNSA, NRC, etc.). The candidate will report directly to the Information
Security Program Manager and will be responsible for the following scope of
work duties:
Oversight
of the tasks performed by NFS personnel supporting Information Security
requirements on B&W information systems
Organizing
and leading cross-functional teams to plan and implement cyber security
initiatives at NFS
Maintains
record copies of the Cyber Security Program Plan (CSPP) and ensures that a
record copy of each System Security Plan (SSP) is maintained.
Ensures
each Information System Security Officer (ISSO) and system administrator is
aware of and fulfills his/her cyber security duties.
Ensures
the development, documentation and presentation of information systems security
education, awareness, and training activities for management, cyber security
personnel, application owner, data steward, and users.
Establishes,
documents, and monitors the cyber security program implementation and ensures
compliance with the applicable organization policies and Government
regulations. Upon completion of each assessment or review, the ISSM must
ensure that a corrective action plan is prepared and implemented for all
findings or vulnerabilities.
Identifies
and documents specific threats to information systems and information at the
Site, develops and documents additional or modified protection measures for
those threats, and obtains approvals for the modified protection measures from
the cognizant DAA.
Ensures
the CSPP is coordinated with other Site Plans/Programs.
Ensures
the development of procedures to implement the cyber security program on all
information systems.
Certifies
to the cognizant Government official that the protection requirements described
in the SSP for each information system have been implemented and are
operational.
Ensures
that the cognizant Government official is notified when the information system
is no longer needed or when changes occur that might affect the accreditation
of the information system.
Ensures
the development, documentation, and presentation of cyber security training for
escorts in information systems operational areas.
Ensures
that each information system user acknowledges, in writing or electronically
his/her responsibility for the security of information systems and information;
Implements
and maintains a Cyber Security self-assessment program, identifies corrective
actions resulting from the self-assessments, and reports on the program status.
Leads
the NFS Cyber Security Incident Response Team (CSIRT) and communicates incident
reports to the appropriate organization and Government authorities.
Participating
in system design specification development with information system owners and
subject matter experts to develop creative security systems to solve business
problems while meeting site security requirements.
Work
directly with the NFS management staff and NFS IT staff to ensure the NFS
Information Security strategy is aligned and supports the operating unit and
service center goals.
Job
Qualifications / Requirements
The
successful candidate must have:
•Strongly
prefer a Bachelor's degree combined with at least 10 years IT security/systems
experience.
•Experience
at managing or supervising a team of skilled technical employees.
•The
ability to lead large cross-functional project teams and be able to demonstrate
success.
•Working
knowledge of system functions, cyber security policies and cyber security
protection requirements.
•Excellent
communication skills and can effectively interact with all levels of B&W
employees, Information Technology personnel, and Government agency personnel.
•Hold
CISSP or GSLC certification or demonstrate an equivalent level of knowledge,
skills and expertise with a commitment to obtain the CISSP or GSLC
certification with 6 months of hire.
•Maintain
utmost confidentiality
To
be considered for this position, go to www.babcock.com,
click on “Careers,” then “Get Started.” Enter job code XXX - Information System
Security Manager (ISSM) to apply for the position.
The
Babcock & Wilcox Company (B&W) embraces diversity of thought, values
individuality, encourages new perspectives and provides equal opportunity in
employment for all qualified employees and applicants without regard to race,
color, religion, gender, sexual orientation, age, national origin, disability,
veteran status, genetic information, or any other category protected by
federal, state, and/or local law.
Applicants
selected will be subject to a Federal background investigation and must meet
eligibility requirements for access to classified information or matter.
Position requires U.S. Citizenship with (no dual citizenship) ability to obtain
and maintain a Department of Energy (DOE) security clearance which involves an
extensive criminal and financial background investigation and previous
employment reference verifications.
No comments:
Post a Comment