Today
DoE Q or L
Unspecified
Unspecified
IT - Security
Knoxville, TN (On-Site/Office)
Cyber Governance Analyst
Founded in 1999 in the beautiful Smoky Mountains of East Tennessee, Cadre5 provides innovative technical solutions to our customers locally and nationally. Our Cadre5 Lab Partners division has partnered with The Information Technology Services Directorate (ITSD) at Oak Ridge National Laboratory (ORNL) to recruit a qualified Cyber Governance Analyst.
ORNL delivers scientific discoveries and technical breakthroughs needed to realize solutions in energy and national security and provides economic benefit to the nation. This premier research institution located near Knoxville in Oak Ridge, TN, addresses national needs through impactful research and world-leading research centers.
#CJ
This is a full-time, permanent position that requires on-site work.
Why Cadre5?
Benefits
ITLP offers excellent pay and benefits, to include full medical, dental, and vision coverage coupled with 401K match, 15 days PTO, and 10 holidays.
Cadre5 is an equal opportunity employer. All qualified applicants, including individuals with disabilities and protected veterans, are encouraged to apply. Cadre5 is an E-Verify Employer.
Founded in 1999 in the beautiful Smoky Mountains of East Tennessee, Cadre5 provides innovative technical solutions to our customers locally and nationally. Our Cadre5 Lab Partners division has partnered with The Information Technology Services Directorate (ITSD) at Oak Ridge National Laboratory (ORNL) to recruit a qualified Cyber Governance Analyst.
ORNL delivers scientific discoveries and technical breakthroughs needed to realize solutions in energy and national security and provides economic benefit to the nation. This premier research institution located near Knoxville in Oak Ridge, TN, addresses national needs through impactful research and world-leading research centers.
#CJ
This is a full-time, permanent position that requires on-site work.
Why Cadre5?
- Working with highly talented team members
- 3 weeks' vacation
- Excellent medical insurance
- Identify, review, and provide analysis and recommendations to meet requirements of applicable laws, regulations, orders, and the contract, translate into policies, procedures, suggested control structures, analysis/white papers, aligning with business objectives
- Provide guidance on policies and controls to support appropriate levels of risk, facilitate risk tolerance discussions and decisions, and recommend controls based on industry standards and practices
- Assist risk management efforts including risk assessment process, identification of risk mitigation strategies, standardized assessment processes, and risk management training
- Participate in internal/external compliance audits, reviews, self-assessments, assessments, and data calls
- Identify, promote, and implement process improvements
- Perform Security Control assessments per NIST SP 80053A Rev.5 guidance
- Bachelor's degree in a scientific field or equivalent combination of education and experience
- 5+ years of experience in cyber policy, risk management, governance, and compliance
- Experience in security control assessments, Master Plans, and Cybersecurity program plans
- Strong analytical and organizational skills as well as problem solving capabilities to understand Cyber risk and exposure (legal, regulatory violations, etc.) to ORNL
- Demonstrated experience implementing compliance frameworks (NIST, A123, Privacy)
- Facilitation and project management knowledge, skills, and abilities; lead program implementations
- Demonstrated excellent interpersonal, verbal, written and presentation communication skills and demonstrated ability to interact with all levels of internal and external stakeholders
- Strong customer service, networking, and teamwork skills with all levels of internal and external personnel, demonstrated ability to work with all levels of an organization
- Thorough understanding of industry standards and regulations including PCI, HIPAA, Privacy Act, NIST 800-53, NIST Risk Management Framework, FAIR
- Working knowledge of privacy regulations and impacts
- Experience integrating risk, compliance, and governance groups within an organization; support competing priorities, and provide guidance on how to meet requirements
- Ability to work independently and meet deadlines
- Exceptional communication, problem-solving and negotiation skills
- High ethical standards and operates with integrity and professionalism
- The ability to obtain and maintain a Department of Energy clearance is required. This requires US Citizenship or legal permanent residency.
- Master's Degree in Information Assurance or related field
- Minimum seven years' experience working in an information security, information technology or information risk management related field
- Cyber Security certifications (CISA, CISM, CRISC, CISSP)
- Project Management certification (PgMP, PMP, PMI-ACP)
- Privacy management, cyber security, evaluating security controls, identifying control gaps, and mitigating measures along with a strong understanding of business practices and technology concepts
- Highly motivated individual with an enthusiasm for governance, risk and compliance who can communicate benefits and drive success
- Experience gaining an Authority to Operate (ATO) for a government system
- Proven track record of prioritizing tasking and meeting established deadlines
- Active DOE Q or TS clearance
Benefits
ITLP offers excellent pay and benefits, to include full medical, dental, and vision coverage coupled with 401K match, 15 days PTO, and 10 holidays.
Cadre5 is an equal opportunity employer. All qualified applicants, including individuals with disabilities and protected veterans, are encouraged to apply. Cadre5 is an E-Verify Employer.
group id: 91128638
