Cybersecurity M2- Cyber Assurance Continuous Monitoring/Scanning

Information Technology / Operations Technology (IT/OT) professionals sculpt the technological framework of the organization through the creation and management of scalable and secure information systems. Charged with the development and deployment of solutions, they analyze short- and long-term requirements to enhance system functionality and efficiency. They design and refine software applications, ensuring integration with existing architectural paradigms while also developing network systems and infrastructure to support business needs. IT/OT personnel manage the organization's IT/OT landscape, guaranteeing the reliable operation of servers, databases, and other components of the technology ecosystem. By maintaining a secure and robust IT/OT infrastructure, they uphold the integrity and confidentiality of data while facilitating connectivity and accessibility. Information Technology / Operations Technology personnel continually adapt to technological advancements, ensuring the organization stays at the forefront of emerging IT/OT trends and is well-equipped to meet future challenges while maintaining secure and stable operations.

Discipline Description

Cybersecurity personnel design, test, and implement state-of-the-art secure operating systems and networks, and research the development of and deployment of cybersecurity programs to meet the DOE and NNSA enterprise requirements, policies, standards, guidelines, and procedures. They establish cybersecurity programs and plans for the SRS, at the Site level, based on contractual requirements such as DOE Order 205.1C and NNSA SD 205.1; provide guidance to Site tenants across multiple companies; converse with DOE and NNSA Complex partners on security posture, plans, procedures, and guidance; support the Counter Intelligence organization in their mission; are versed in the areas of Risk Management, Governance, User Awareness, Continuous Monitoring, Vulnerability assessments, Compliance, Threat Intelligence, Enterprise Monitoring, and Forensics in support of safeguarding SRS and the organization's, assets, information, and personnel.

Some Typical Duties & Responsibilities Include: A Cybersecurity Manager is responsible for leading and managing a team of cybersecurity engineers to design, test, and implement state-of-the-art secure operating systems and networks, and research the development of and deployment of cybersecurity programs to meet the DOE and NNSA enterprise requirements, policies, standards, guidelines, and procedures. This role combines technical expertise with leadership skills to ensure that all cybersecurity projects are executed efficiently and effectively, meeting the organization's goals and standards.

Key Responsibilities: A successful candidate will be highly organized, detail oriented, and have demonstrated experience in:

• Team Leadership and Management: Lead, mentor, and manage a team of cybersecurity engineers that deliver solutions. This includes creating a workplace environment that builds respect, trust, and teamwork. Additionally, this includes setting performance goals, conducting performance reviews, and providing professional development opportunities.
• Strategic Planning: Develop and implement strategic plans for cybersecurity projects and services ensuring alignment with cross-functional teams, company goals and organizational objectives to include Physical Security, Information Security, and Cyber Security requirements. Audit performance of defined strategic direction to determine effectiveness.
• System Design and Integration: Oversee the design and integration of system architectures and solutions. Ensure that all components work together seamlessly to meet the desired outcomes. Drive change through continuous improvement.
• Project Oversight: Manage the entire lifecycle of cybersecurity projects, from initial concept through to deployment and maintenance. Coordinate with cross-functional teams, manage timelines, and ensure projects are completed within budget.
• Technical Expertise: Provide specialized technical guidance and support to the team. Assist with troubleshooting complex issues, optimizing system performance, supporting end users with technical knowledge transfer that enhances their digital experience and productivity, and stay up-to-date with the latest industry trends and technologies. Acts in an advisory capacity on multi-disciplined teams
• Quality Assurance: Ensure that all systems and services meet the highest standards of quality and reliability. Implement best practices, conduct rigorous testing, and continuously improve processes.
• System Security: Ensure that system security requirements are met and maintained. This involves implementing security measures, monitoring vulnerabilities, and ensuring compliance with relevant regulations and standards.
• Communication, Documentation and Reporting: Communicate effectively, both in written and oral formatting, with technical and non-technical stakeholders, including Sr. Management. Maintain comprehensive documentation of system designs, configurations, changes, and guidelines. Prepare detailed reports, project plans, metrics, and presentations for stakeholders, highlighting key findings and recommendations., * Roles in this band provide people management direction to ensure the overall effective functioning of a function, sub-function, department or administrative process by implementing strategies and processes, and by building a high-performing team
• Achieves goals through the work of others
• Management responsibilities include performance appraisals, pay reviews, training and development
• Job focus is on managing others and applying operational or strategic management skills, The SRNS vision states that we will "be the standard of excellence in nuclear materials management by delivering knowledge, innovation and experience." This is underpinned by the recognition that everything we do relies on our employees and how they demonstrate the SRNS Standards of Excellence every day. Built on the foundation of safety and security, each employee is expected to: Model Excellence by demonstrating the highest standards and values in work and promoting them within the organization and to the customer. Deliver Results by meeting customer expectations to ensure objectives, goals and deadlines are met while being good stewards of resources. Energize and Recognize Teams through growing organizational strength and recognizing continued excellence. Build Relationships by developing relationships with coworkers and customers to foster a respectful workplace. Shape the Future by creating a diverse, innovative and integrated workforce that fosters mission success and company growth.

Do you have experience in System performance monitoring?, Do you have a Master's degree?, * Eight or more years of experience (YOE) as an individual contributor in one or more of the roles managed, OR Bachelor's Degree in a relevant field plus five or more years of experience (YOE) in one or more of the roles managed, OR Master's Degree in a relevant field plus three or more year of experience (YOE) in one or more of the roles managed

• Equivalencies to experience and education requirements will be considered

Manager position requires positive attitude, great interpersonal skills, and a customer centered serving attitude with site core competencies in the forefront.

Cyber Assurance Continuous Monitoring/Scanning Manager: Oversee a team of professional cybersecurity engineers responsible for vulnerability management, secure configuration management, and penetration testing activities.

A successful candidate with demonstrated technical and hands-on experience in applicable areas are:

• Well versed in the Risk Management Framework and Cybersecurity Framework.
• Ability to operate, coordinate, and execute continuous monitoring (CM) activities.
• Technical experience in scanning for vulnerabilities and compliance, creating and maintaining dashboards, writing and maintaining scripts/code, and maintaining and supporting enterprise tools.
• Experience in IT functions such as system patching and deployment, networks infrastructure, dataflows, firewalls, etc.
• Ability to identify risks, understand mitigations and impacts to different environments, and communicate with cross-functional teams, groups, and companies.
• Ability to understand policies and procedures and execute continuous monitoring activities to ensure compliance with federal and organizational requirements.
• Ability to learn new topics and teach them to team members.
• Ability to lead teams with diverse skills to ensure the proper cybersecurity posture is maintained across multiple boundaries and companies.

We'd Also Like to See

A successful candidate with demonstrated experience in applicable areas of management are:

• Technical experience in using continuous monitoring tools such as Tenable, Core Impact, Kali Linux, BurpSuite, etc.
• Experience with federal customers.
• CISSP, GICSP, CISA, GPEN, GWAPT certifications preferred.
• PMP or project management experience preferred.

Pulled from the full job description

• Health insurance
• 401(k) matching
• Paid time off
• Vision insurance
• Dental insurance
• Life insurance
• Disability insurance, $111,504 - $156,372

Note for Salary

This is the range within which SRNS expects the majority of qualified candidates would enter this role if offered. Actual offers may be more or less than the amounts shown depending on candidate's qualifications, experience, internal equity, and other factors., Savannah River Nuclear Solutions (SRNS) Benefits team is constantly assessing trends in the benefits area to provide the best possible services to our workforce. We ensure high quality outcomes of each service provider by consistent monitoring and oversight for positive results. We also negotiate cost effective premiums that will meet the needs of our evolving workforce. Your SRNS Health & Welfare benefits provide peace of mind and financial protection for you and your family. Some of the Benefits offered to full service employees include:

• Medical, Dental, and Vision insurance options
• Critical Illness and Accident Insurance
• Employer paid life insurance with buy up options
• Employer paid Short Term and Long Term Disability
• 401(k) with Employer Match
• Various wellness programs
• Paid Time Off and Holidays
• Discounts and other supplemental benefits

SRNS employees are critical to the success of SRNS, all while making the world a safer place. The work that we do every day makes a difference.

Standards of Excellence

As the Savannah River Site's management and operations contractor since 2008, Savannah River Nuclear Solutions (SRNS) makes the world safer. With safety and security in the forefront, SRNS develops innovative approaches to deliver on our environmental commitments and nuclear materials challenges; supplies products and services necessary to maintain the nation's nuclear deterrent; secures nuclear materials to prevent unwanted proliferation; and transforms nuclear materials into assets and stable wasteforms. The SRNS workforce is highly capable, engaged, and adaptable to meet existing and expanding missions. SRNS employees apply superior expertise and innovative solutions to complex and challenging national and global issues. We have the knowledge to address a range of national and international nuclear issues. We make the world safer - and you can, too.