Cybersecurity Policy Analyst
Idaho National Laboratory
Idaho National Laboratory's (INL) Information Assurance group is seeking forward-thinking professionals interested in exploring a career as a Cybersecurity Policy Analyst! This team works a remote 9x80 schedule with every other Friday off.
The position supports core functions within the INL's Cybersecurity Program and participates in activities that provide policy and governance for the Idaho National Laboratory Cybersecurity Program, specifically the Unclassified Cybersecurity program.
Participates in the creation, review, and assessment of policies and procedures supporting the secure use and operation of cloud computing systems. This includes system security plans, vulnerability management, risk management, configuration management, change management, and others.
Makes and implements recommendations for improvements in cybersecurity controls.
Ensures the appropriate operational security posture for the INL cloud information systems is maintained to include ensuring implementation of DOE and INL site cybersecurity policies, practices, and procedures.
Works with system owners, Information System Security Officers, and INL's Cybersecurity Information System Security Manager (ISSM).
Serves as an advisor on all matters, technical and otherwise, involving security of assigned cloud information systems.
Participates in assessments/audits of INL's information technology, managed services, cloud services, and other services.
Is responsible for the assessment of the system security protection measures and documentation for applicable systems.
Assists in all cybersecurity efforts including continuous monitoring, reporting, participation on project teams, incident management, and supporting the information system.
Understands and commits to the Integrated Safety Management System and the Voluntary Protection Program.
Integrates the principles, processes, and requirements into work assignments including understanding, implementing, and following the INL work control processes.
- Level 1: Bachelor's degree, or 8 years relevant education/experience in lieu of degree.
- Level 2: Bachelor's degree and 2 yrs., or a Master's degree and 1 yrs., or 10 years relevant education/experience in lieu of a bachelor's degree.
- Relevant experience should be in information technology or cybersecurity.
- Must have experience assessing information systems against one or more of the following cybersecurity frameworks, NIST 800-53, PCI, CIS, ISO 27001, SOC, PCI, or HITRUST.
- Must be familiar with SAAS, IAAS, or PAAS cybersecurity practices.
- This position requires the ability to obtain and maintain a Department of Energy "Q" clearance, which requires US Citizenship.
- Have completed training and/or obtained certifications as a Certified Information System Security Professional (CISSP), or SANS Global Information Assurance Certification (GIAC).
- Experience or strong familiarity with continuous integration/development or DevSecOps.
- Salary Grade 180 ($60,984 - $97,584) / Salary Grade 190 ($68,820 - $113,644)
- Chosen applicants are required to show a demonstrated commitment to valuing diversity and contributing to an inclusive working environment.
- TDP: Testing designated position; you will be required to submit to a pre-employment drug screen and periodic drug testing throughout the term of your employment.
- Multi-Level: This is a multi-level posting and the selected candidate will be placed at the appropriate level dependent on depth and breadth of proven experience and skills.
INL is a science-based, applied engineering national laboratory dedicated to supporting the U.S. Department of Energy's mission in nuclear energy research, science, and national defense. With more than 5,000 scientists, researchers, and support staff, the laboratory works with national and international governments, universities and industry partners to discover new science and development technologies that underpin the nation's nuclear and renewable energy, national security, and environmental missions.
Our mission is to discover, demonstrate and secure innovative nuclear energy solutions, other clean energy options and critical infrastructure.
Our vision is to change the world's energy future and secure our nation's critical infrastructure.
Selective Service Requirements:
To be eligible for employment at INL men born after December 31, 1959 must have registered with the Selective Service System (SSS). For more information see www.sss.gov.
Equal Employment Opportunity:
INL is an Equal Employment Opportunity (EEO) employer. It is the policy of INL to provide EEO to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information. Women and People of Color are strongly encouraged to apply.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
When applying to positions please provide your resume and answer all questions on the following screens. Applicants, who fail to provide a resume or answer the questions, may be deemed ineligible for consideration.
INL does not accept resumes from third party vendors unsolicited.
Benefits & Salary:
We have an extremely competitive salary structure, robust relocation package, and a phenomenal benefits package. For more information, please visit: https://www.inl.gov/careers/benefits-overview
About this Employer
Part of the U.S. Dept. of Energy’s complex of national laboratories, INL performs work in each of the strategic goal areas: energy, national security, science & environment. INL is the nation’s leading center for nuclear energy research & development.