Los Alamos National Laboratory Cybersecurity Technical Staff 1 in Los Alamos, New Mexico
What You Will Do
The Office of the Chief Information Officer (OCIO) orchestrates the information security and technology environment across the Laboratory through strategic planning, cybersecurity advisory support, governance, policy development, risk management, and efficient, effective portfolio management. Depending on your strengths and experience you may perform duties related to risk management, technical vulnerability assessment, certification and accreditation, or act as a senior cybersecurity advisor to key mission and operational organizations at the Laboratory.
The ideal candidate will be a self-starter with an inquisitive, analytical mind that constantly looks for solutions to difficult problems. The employee must have the ability to convey complicated technology and security concepts to stakeholders at multiple levels and ideally has technical knowledge and/or experience in multiple relevant areas. A proficiency in a risk management framework and conducting risk assessments in a regulated environment is desired.
As a Cybersecurity Technical Staff in the OCIO you will perform a range of duties to help ensure cybersecurity for the Laboratory. Areas of potential effort include: technical vulnerability assessment, certification and accreditation of IT systems based on a risk management framework (RMF) approach (i.e. NIST 800-53); contribution to documentation and processes to achieve Authorizations to Operate (ATOs); risk analysis of IT Systems; act in an advisory role to mission organizations to identify and resolve cybersecurity issues; recommend lessons learned and mitigations based upon incidents and penetration testing; information security control evaluation and testing; and the development and implementation of processes and tools to enable the Laboratory’s mission. You will be expected to keep an up-to-date understanding of all relevant federal requirements and RMF best business practices and apply them in your daily work activities, including supporting the development of policy and procedural documents. You may be expected to identify, assess, and defend against cyber system vulnerabilities, risks, and resulting physical or mission impacts. You may be expected to contribute to creating intelligence or operational products and perform cyber analysis. You will be expected to collaborate with other cyber security and information technology experts at the Laboratory, mission stakeholders, and others throughout the Department of Energy complex. As a result, good communication, diplomacy and interpersonal skills are required. Additional detail on potential job related duties and proficiency include but not limited to:
Assists in resolving cyber issues and providing input or guidance as appropriate.
Assists in evaluating new tools, risk analysis approaches, researches exploitation methods and techniques, and proposes effective solutions to cyber security issues.
Assists in the implementation of metrics, analyzing data for new and unusual features, and the manipulation of raw data when needed to gather information.
Assists in establishing and automating the implementation, configuration and maintenance of NIST related standards and controls for networks and systems.
Assists in the development and presentation of technical reports and briefings on complex system vulnerabilities to convey risks, impacts and security control recommendations to senior management and stakeholders.
Assists in establishing direction and milestones for well-defined tasks involving more than one person. Scopes tasks within a project and defines deliverables at a task level within the approved scope, schedule, and budget.
Assists in researching, assembling, and/or evaluating information or data regarding industry practices or applicable regulatory changes affecting cyber security policies or programs.
Assists in acting as a trusted advisor across functions and organizations and helps maintain OCIO as an ethically and legally pristine organization. Displays the strength to stand by difficult, but sound decisions, while helping steer stakeholders towards outcomes that support mission and operations.
Understands and adheres to all basic Laboratory and industry regulatory guidance and governance specific to cyber security.
Helps ensure all results, processes, and final products meet quality specifications and are completed according to established requirements.
What You Need
Minimum Job Requirements:
Basic knowledge of and demonstrated experience with aspects of current IT technology including software, networks, security tools, services and related protocols.
Basic knowledge of information security practices for one or more of the following disciplines: Mobility and Remote Computing, Cloud Computing, High Performance Computing, Data Base Security, or Industrial Control Systems.
Basic knowledge of and experience in one or more of the following disciplines: computer science, information security, information assurance, or cyber security.
Basic technical knowledge of cyber threats and vulnerabilities and demonstrated ability to apply that knowledge to system engineering, analytics, risk management, policy or operations as well as communicate that knowledge to a spectrum of stakeholders.
Safety and security are a primary responsibility for all Laboratory employees. Maintains required safety and security training, assures safety and security compliance, and makes safety and security an integral part of every task, including taking the necessary steps to stop work if continuing the job is unsafe or compromises security.
Fosters a mutually respectful work environment that is free from discrimination and harassment.
Knowledge of and demonstrated experience related to vulnerability assessment, detection and mitigation, red teaming, reverse engineering, forensics, or incident response.
Demonstrated regulatory compliance knowledge of some of the following: FIPS, HIPAA, FISMA, NIST RMF, CNSS, or FedRAMP.
Exposure to Security Architectures and Principles such as OWASP, SSAE-16, SAS70, ISO 27001, or HIPAA.
Experience with an electronic governance, risk, and compliance tool such as Archer, Xacta, or KeyLight.
Understanding of Department of Energy (DOE),National Nuclear Security Administration (NNSA), and LANL computer and information security policies, practices, and procedures.
Technical experience protecting classified information and sensitive unclassified information.
Basic working knowledge of operations and security requirements at the Laboratory.
Experience with classified and unclassified government networks.
Active DOE Q clearance or Department of Defense (DoD) Top Security clearance.
Education:Position typically requires a bachelor’s degree in a technical field and a minimum of 2 years of related experience, or an equivalent combination of education and experience.
Clearance: Q(Position will be cleared to this level). Applicants selected will be subject to a Federal background investigation and must meet eligibility requirements* for access to classified matter.
*Eligibility requirements: To obtain a clearance, an individual must be at least 18 years of age; U.S. citizenship is required except in very limited circumstances. See DOE Order 472.2 for additional information.
New-Employment Drug Test: The Laboratory requires successful applicants to complete a new-employment drug test and maintains a substance abuse policy that includes random drug testing.
Regular position:Term status Laboratory employees applying for regular-status positions are converted to regular status.
Equal Opportunity:Los Alamos National Laboratory is an equal opportunity employer and supports a diverse and inclusive workforce. All employment practices are based on qualification and merit, without regards to race, color, national origin, ancestry, religion, age, sex, gender identity, sexual orientation or preference, marital status or spousal affiliation, physical or mental disability, medical conditions, pregnancy, status as a protected veteran, genetic information, or citizenship within the limits imposed by federal laws and regulations. The Laboratory is also committed to making our workplace accessible to individuals with disabilities and will provide reasonable accommodations, upon request, for individuals to participate in the application and hiring process. To request such an accommodation, please send an email to email@example.com or call 1-505-665-4444 option 1.
Where You Will Work
Located in northern New Mexico, Los Alamos National Laboratory (LANL) is a multidisciplinary research institution engaged in strategic science on behalf of national security. LANL enhances national security by ensuring the safety and reliability of the U.S. nuclear stockpile, developing technologies to reduce threats from weapons of mass destruction, and solving problems related to energy, environment, infrastructure, health, and global security concerns.
Maximum Salary: 118200
Minimum Salary: 72500
Location: Los Alamos, NM, US
Contact Name: Jiron, Sue Antoinette (Antoinette)
Organization Name: OCIO/Office Of The Chief Information Officer
Job Title: Cybersecurity Technical Staff 1
Appointment Type: Regular
Req ID: IRC61579