Sr. Information Security Analyst

Job Title: Sr. Information Security Analyst Job Location:

Surry, VA Onsite Requirements: Security analyst or security engineer Firewall Windows Job Description: Client seeks an Information Security Analyst or Senior Information Security Analyst to join our IT professionals in the Nuclear IT Process Computer Systems group to protect the power station from cyber security threats.

This position will focus on the implementation and maintenance of the nuclear cyber security program and intrusion detection system software. The position will be filled at the level commensurate with the successful candidate's education, experience, knowledge, skills, and abilities. As part of the Nuclear IT Process Computer Systems team, the successful candidate will be responsible for cyber security activities at the station, including, but not limited to:

Responsibilities:

Maintenance, troubleshooting, and patching of cyber security monitoring systems including Security Information and Event Management (SIEM) systems and software. Performance of periodic scans and maintenance of removable media enrolled in the Portable Media Device program. Review and analysis of Security Controls Analysis documentation as member of the Cyber Security Assessment Team (CSAT). Participation on the Nuclear Cyber Security incident response team (CSIRT). Analysis of Critical Digital Assets (CDAs) for security breaches and ensuring that Surry Power Station remains in compliance with the Cyber Security Plan.

Performance of rogue wireless access point scans throughout the station power block and monitoring CDAs for rogue connections. Performance of hardening of Windows and Linux workstations and servers. Review of industry guidance for cyber security and application of principles to critical systems and critical digital assets.

Identification of gaps in cyber security controls and recommendation of technical or administrative solutions to remediate the gaps. Review of Change Management Records and Design Change Packages for cyber security compliance and impacts. Review of cyber security policies, standards, and procedures in support of programmatic requirements to meet our Cyber Security Plan.

Perform other duties as requested or assigned. Required Knowledge, Skills, Abilities & Experience Information Security Analyst: 3 years of directly related experience Network design and security, firewall configurations, virtual machines, and management of Windows or Linux operating systems. Server administration experience.

Ability to work well independently and in a team environment, communicate with other team members or clients and make decisions appropriately after consultation to support assigned projects. Familiar with security principles, and defense-in-depth techniques.

Familiar with SCADA or real-time systems.

Familiar with nuclear security controls analysis.

Understanding of Nuclear Cyber Security. Must be dedicated to continuous improvement and implementation of cyber security and cyber compliance best practices to support strategic regulatory compliance objectives for the Nuclear Business Unit.

Must possess excellent verbal and written communication skills and demonstrate the ability to present concepts, options or recommendations in a group setting. Proficient in the use of Microsoft Office software/collaboration tools. Senior Information Security Analyst: 5 years of directly related experience Experience with network design and security, firewall configurations and management Windows or Linux Security operating systems security.

Must be dedicated to continuous improvement and implementation of cyber security and cyber compliance best practices to support strategic regulatory compliance objectives for the Nuclear Business Unit. Ability to work well independently and in a team environment, communicate with other team members or clients and make decisions appropriately after consultation to support assigned projects. Proficient with security principles and defense-in-depth techniques.

Familiar with VMware, McAfee ePO and ESM, backup software, ELK Stack, Kibana. Familiar with SCADA or real-time systems.

Familiar with nuclear security controls analysis.

Understanding of Nuclear Cyber Security. Must possess excellent verbal and written communication skills and demonstrate the ability to present concepts, options or recommendations in a group setting. Proficient in the use of Microsoft Office software/collaboration tools.

Additional Preferred Experience: Network switches. Network security devices.

Network security tools.

Active Directory. Cyber forensics.

Cyber Security Qualification - GSEC, CISSP, Security, or similar. Completion of SANS 401 and 504. Education Requirements:

Degree or an equivalent combination of education and demonstrated related experience may be accepted in lieu of preferred level of education. Preferred Discipline(s): Computer Science, Computer Engineering, Information Systems, Cyber Security, Math or Business or technical equivalent. Other disciplines may be substituted for the preferred discipline(s) listed above. 3rd party and subcontract staffing agencies are not eligible for partnership on this position. 3rd party subcontractors need not apply.

This position requires candidates to be eligible to work in the United States, directly for an employer, without sponsorship now or anytime in the future. This client is a US Federal Government contractor and is legally required to hire US Citizens. US Citizens will only be considered for this role.