Today
DoE Q or L
Unspecified
Unspecified
IT - Security
Knoxville, TN (On-Site/Office)
Information Systems Security Officer (ISSO)- Special Systems
Founded in 1999 in the beautiful Smoky Mountains of East Tennessee, Cadre5 provides innovative technical solutions to our customers locally and nationally. Our Cadre5 Lab Partners division has partnered with The Information Technology Services Directorate (ITSD) at Oak Ridge National Laboratory (ORNL) to recruit a qualified Information Systems Security Officer (ISSO) in the Cybersecurity Division's Governance Group for unclassified and classified operations. The successful candidate should have a competent level of knowledge of principles of all aspects of cybersecurity policy implementation, Department of Energy (DOE) cyber security requirements, security planning, and general computer system functions. The candidate will collaborate with other teams across the lab, to include Information Technology, Physical Security, Classification Office, Cybersecurity, Lab Enterprise Risk, Lab Internal Audit, and others as appropriate. The candidate for this specific role will have security experience in control systems, ICS and OT environments and will be directly supporting these types of mission systems.
ORNL delivers scientific discoveries and technical breakthroughs needed to realize solutions in energy and national security and provides economic benefit to the nation. This premier research institution located near Knoxville in Oak Ridge, TN, addresses national needs through impactful research and world-leading research centers.
#CJ
This is a full-time, permanent position that requires on-site work.
Why Cadre5?
Purpose:
Assist the Information Systems Security Manager (ISSM) and the Chief Information Security Officer (CISO) in the certification and accreditation (C&A) of systems/networks and implementation of cyber security requirements and procedures across the Oak Ridge National Laboratory (ORNL). This role aligns with the Cybersecurity Division's mission to safeguard critical infrastructure, protect sensitive information, and drive cybersecurity research and innovation. By promoting collaboration, leveraging technology, and adhering to best practices, we ensure the resilience and integrity of the digital landscape while empowering stakeholders with secure solutions.
Job Responsibilities:
The ISSO is a primary stakeholder and facilitator of the continuous monitoring efforts that promote RMF compliance throughout the organization. The ISSO provides direction to IT and infrastructure support personnel on the application of security patches and secure configurations. Routine collaboration and consultation with the ISSM regarding the design, development, integration, and analysis of unclassified information systems. Under general supervision, the candidate is responsible for performing a full range of Information Assurance functions in support of the security needs of the ORNL ISSM.
Primary Responsibilities:
Basic Qualifications:
Preferred Qualifications:
Benefits
Cadre5 offers excellent pay and benefits, to include full medical, dental, and vision coverage coupled with 401K match, 15 days PTO, and 10 holidays.
Cadre5 is an equal opportunity employer. All qualified applicants, including individuals with disabilities and protected veterans, are encouraged to apply. Cadre5 is an E-Verify Employer.
Founded in 1999 in the beautiful Smoky Mountains of East Tennessee, Cadre5 provides innovative technical solutions to our customers locally and nationally. Our Cadre5 Lab Partners division has partnered with The Information Technology Services Directorate (ITSD) at Oak Ridge National Laboratory (ORNL) to recruit a qualified Information Systems Security Officer (ISSO) in the Cybersecurity Division's Governance Group for unclassified and classified operations. The successful candidate should have a competent level of knowledge of principles of all aspects of cybersecurity policy implementation, Department of Energy (DOE) cyber security requirements, security planning, and general computer system functions. The candidate will collaborate with other teams across the lab, to include Information Technology, Physical Security, Classification Office, Cybersecurity, Lab Enterprise Risk, Lab Internal Audit, and others as appropriate. The candidate for this specific role will have security experience in control systems, ICS and OT environments and will be directly supporting these types of mission systems.
ORNL delivers scientific discoveries and technical breakthroughs needed to realize solutions in energy and national security and provides economic benefit to the nation. This premier research institution located near Knoxville in Oak Ridge, TN, addresses national needs through impactful research and world-leading research centers.
#CJ
This is a full-time, permanent position that requires on-site work.
Why Cadre5?
- Working with highly talented team members
- 3 weeks' vacation
- Excellent medical insurance, up to 100% paid by employer
Purpose:
Assist the Information Systems Security Manager (ISSM) and the Chief Information Security Officer (CISO) in the certification and accreditation (C&A) of systems/networks and implementation of cyber security requirements and procedures across the Oak Ridge National Laboratory (ORNL). This role aligns with the Cybersecurity Division's mission to safeguard critical infrastructure, protect sensitive information, and drive cybersecurity research and innovation. By promoting collaboration, leveraging technology, and adhering to best practices, we ensure the resilience and integrity of the digital landscape while empowering stakeholders with secure solutions.
Job Responsibilities:
The ISSO is a primary stakeholder and facilitator of the continuous monitoring efforts that promote RMF compliance throughout the organization. The ISSO provides direction to IT and infrastructure support personnel on the application of security patches and secure configurations. Routine collaboration and consultation with the ISSM regarding the design, development, integration, and analysis of unclassified information systems. Under general supervision, the candidate is responsible for performing a full range of Information Assurance functions in support of the security needs of the ORNL ISSM.
Primary Responsibilities:
- Provide assistance to the ISSM and CISO in the certification and accreditation (C&A) of systems/networks and implementation of cybersecurity requirements and procedures across the Oak Ridge National Laboratory (ORNL)
- Ensure systems are operated, maintained, and disposed of in accordance with DOE and ORNL security policies and procedures and as outlined in applicable System Security Plans (SSPs).
- Perform documented procedures for authorizing users to access information systems.
- Develop and maintain SSPs for system C&A.
- Manage Plans of Action and Milestones to closure for information systems under accreditation.
- Provide guidance on policies and controls to support appropriate levels of risk, facilitate risk tolerance discussions and decisions, and recommend controls based on industry standards and practices. Escalate questions/concerns/issues to more senior-level staff as required.
- Participate in internal/external compliance audits, reviews, self-assessments, assessments, and data calls.
- Identify, promote, and make recommendations for process improvements.
- Assist with annual self-inspections, system certification testing, periodic security testing, and functional testing on systems/networks.
- Ensure compliance of all network equipment with applicable DOE and ORNL requirements
- Other duties as assigned for support within the programs.
Basic Qualifications:
- Bachelor's degree with 5-7 years of relevant experience (ex. cybersecurity assessments, risk management, cybersecurity policy, and compliance, etc.). An equivalent combination of education and experience may be considered.
- Ability to obtain and maintain a DOE Q security clearance or equivalent is required.
- Strong analytical and organizational skills as well as problem solving capabilities to understand Cybersecurity risk and exposure (legal, regulatory violations, etc.) to ORNL.
- Demonstrated experience implementing compliance frameworks (NIST, etc.)
- Excellent interpersonal, verbal, written, and presentation communication skills.
- Thorough understanding of industry standards and regulations including NIST 800-53, NIST Risk Management Framework, NIST 800-82, and NIST Cybersecurity Framework (CSF).
- Working knowledge of privacy regulations and impacts.
- Experience with control systems and security requirements.
- Ability to work independently, meet deadlines, and uphold high ethical standards
- The ability to obtain and maintain a Department of Energy "Q" clearance is required. This requires US Citizenship.
Preferred Qualifications:
- Active DOE Q or TS security clearance or equivalent.
- Master's degree in information assurance or related field with 4-6 years of relevant experience working in an information security, information technology or information risk management related field.
- Significant experience with control systems security.
- Cybersecurity certifications (CISSP, CISA, CISM, CRISC, CCSP, SSCP) and Incident Response Certification
- Privacy management, cybersecurity, evaluating security controls, identifying control gaps, and mitigating measures along with a strong understanding of business practices and technology concepts.
- Highly motivated individual with an enthusiasm for governance, risk and compliance who can communicate benefits and drive success.
- Demonstrated background in governance, risk, and compliance.
- Experience in obtaining Authority to Operate (ATO) for DOE government systems.
Benefits
Cadre5 offers excellent pay and benefits, to include full medical, dental, and vision coverage coupled with 401K match, 15 days PTO, and 10 holidays.
Cadre5 is an equal opportunity employer. All qualified applicants, including individuals with disabilities and protected veterans, are encouraged to apply. Cadre5 is an E-Verify Employer.
group id: 91128638
