Cyber Security Analyst

Oasis Systems, Inc. Rockville , MD 20850

Posted 1 week ago

Overview

Oasis Systems has an exciting opportunity for a full time Cyber Security Analyst to support the Nuclear Regulatory Commission (NRC) within the nuclear energy sector as he or she implements and matures regulatory cyber security programs, contributing to both the government and industry. The Cyber Security Analyst will actively support the agency as it establishes cyber security regulation and guidance to promote safety and security regulating special nuclear material.

NOTE: Applicants who have worked for the nuclear power industry within the last year are not eligible. Applicants who have worked for the nuclear power industry past a year may be eligible and are required to disclose the name of the company or companies, specify the work performed, and how long ago the applicant was employed.

REQUIRED QUALIFICATIONS: (Education, Certifications, Experience, Skills)

This candidate must have experience with the following:

  • EXPERIENCE LEVEL: Minimum of 8 years of IT experience and cyber security experience a must. Experience working with government consulting, and experience leading audits

  • EDUCATION: BA/BS degree in engineering, computer science, cyber security, or related fields, or equivalent.

  • CERTIFICATIONS AND TOOLS: The Ideal candidate will also have one or more of the following certifications: CISSP, CISM, CEH, CISA, Security+ and/or CAP

  • SECURITY CLEARANCE: Ability to obtain a DOE security clearance.

  • TRAVEL: Up to 25%

  • Communication Skills:

  • Ability to facilitate/participate in public meetings with the nuclear industry, where the press and other high visibility entities may be present

  • Ability to communicate both orally and in writing appropriate to the audience and political dynamic of a given situation

  • Strong writing skills and the ability to compose highly visible original documents that are relied upon by the nuclear industry

  • Ability to provide, verbally or in writing, a technical opinion or an interpretation of information based on in-depth and expert knowledge in a particular subject area

  • Knowledge of IT security audits

  • Cyber security engineering principles

DESIRED QUALIFICATIONS: (Education, Certifications, Experience, Skills)

This candidate shall have experience with the following:

  • Knowledge of penetration testing including foot printing and scanning.

  • Familiarity with hacking tools

  • Knowledge of vulnerability management

  • Familiarity with regulatory standards such as NIST

  • Industry certifications such as CISSP, CEH, ITIL, CISA, or CISM

JOB RESPONSIBILITIES: Functionally, the successful candidate will:

  • The analyst will participate in the cyber inspection process by analyzing the adequacy of the implementation of cyber security programs by licensees (entities with a license to handle nuclear materials). This participation will include assisting the NRC lead inspector in preparing for the frequent cyber inspections and aiding in identifying the critical systems and critical digital assets in need of inspection.

  • When preparing for a cyber inspection, the analyst will review technical documentation provided by the licensee in response to the formal request for information letter. The analyst will also analyze cyber vulnerability assessments and identify technical issues associated with a licensee assessment of digital critical systems or critical digital assets.

  • After this stage of review and analysis, the analyst will communicate to the inspection team the technical issues identified during the inspection process with a nexus to the regulatory basis and will write up justifications of the technical issues that could lead to potential findings during the inspection.

  • When not working directly on inspections, the analyst will interact with NRC project leads by spearheading a variety of innovative cyber initiatives, including writing, revising, and participating in meetings for regulatory guidance on various cyber security issues affecting the Nuclear Regulatory Commission. Other work with project leads will include developing responses to technical issues that arise from the application of cyber security regulations and analyzing cyber security best practices and recommending how those practices are applicable to the program's cyber security requirements. The analyst will be expected to possess strong communication skills, including dynamic delivery, ability to tailor subjects to the audience, and a sense of diplomacy.

  • The analyst will also help to develop and present cyber security trainings so that NRC inspectors and staff may become more effective when assessing the NRC cyber security program at nuclear power reactor sites and successfully engage in oversight and enforcement activities. This work will include writing and designing course content and developing classroom and laboratory exercises related to the subject area.

Who We Are

Oasis Systems is a premier provider of customer-driven, cost-effective and quality Engineering Services; Enterprise Systems and Applications; Human Factors Engineering; Information Technology and Cyber Security; Professional Services; and Specialized Engineering Solutions to the Department of Defense, FAA, NRC and other federal agencies.

We strive to be an exciting and welcoming company that attracts, develops, motivates and retains the most talented, skilled and dedicated people in the industry; where they are encouraged to achieve personal excellence, purpose, and their full potential and career aspirations; while supporting mission-critical national security technologies and programs.

MAR Division of Oasis Systems is an equal opportunity employer and does not discriminate in hiring or employment on the basis of any legally protected characteristic including, but not limited to, race, color, religion, national origin, marital status, gender, sexual orientation, ancestry, age, medical condition, military veteran status or on the basis of physical handicap which, with reasonable accommodation, render the application to satisfactorily perform the job available.


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Cyber Security Analyst

Electrosoft Services, Inc

Posted 3 days ago

VIEW JOBS 4/19/2019 12:00:00 AM 2019-07-18T00:00 Electrosoft Services, Inc. is a privately held, Information Technology (IT) professional services company with a special focus on cybersecurity. We have been serving Federal government since 2001. We are a 8(a) and EDWOSB firm with ISO 9001 and CMMI Level 3 certifications. Job Description: Cyber Security Analyst Under indirect supervision, research, analyze, and develop recommendations for PKI requirements and future technology advancements. Must possess strong understanding of current cybersecurity posture and future requirements. Must possess understanding of cybersecurity policy, procedures, processes, and associated documentation. Evaluate and provide A&A for emerging technologies. Develop white papers on technological developments. Must have strong written and oral communication skills with basic database understanding. Roles and Responsibilities: * Assist in the integration of the PKI products * Develop detailed build documents * Design, execute, and document the results of specific test scenarios * Configure Hardware Security Modules (HSMs) * Analyze, select, and design implementation strategies of PKI encryption technologies and products * Develop documentation required to support the program's technical issues and training situations * Conduct formal analysis of alternatives between potential products * Prepare white papers, reports, product evaluations, and policy documents * Collect, analyze, and report technical performance metrics * Lead working groups and forums on PKI policy, procedures, and technologies; and participation in multi-discipline working groups: * Serve as a PKI Registration Authority (RA) for unclassified and classified PKI systems * Issue, revoke, and recover PKI certificates to end users and devices on unclassified and classified systems * Provide support to other trusted PKI roles in accordance with PKI Certificate Policy/Certificate Practice Statement/Registration Practice Statement within the organization Required Skills/Certifications & Experience * Bachelors Degree * 5 Years Cybersecurity or PKI. * Security + Certification Preferred Skills/Certifications & Experience * Masters Degree in related field * IAM-II Certificate (CISSP, CISM, CASP, GSLC, CAP) Location: Rockville, MD Job Type: Full-Time Individuals seeking employment at Electrosoft Services are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation. You are being given the opportunity to provide the following information in order to help us comply with federal and state Equal Employment Opportunity/Affirmative Action record keeping, reporting, and other legal requirements. Electrosoft Services, Inc Rockville MD

Cyber Security Analyst

Oasis Systems, Inc.