Cyber Governance Information Systems Security Officer (ISSO)

Requisition Id14413

Overview:

We're hiring an Information Systems Security Officer (ISSO) to facilitate continuous monitoring and RMF compliance across the organization! The ISSO will collaborate with various groups and ensure DOE security policies are properly implemented. Reporting to the Cyber Governance NSS Team Leader, the selected candidate will interact with all levels of the organization. The ISSO is responsible for ensuring security and compliance of classified information systems through policy implementation, user authorization, and system monitoring.

This position resides in the Cyber Governance group in the Cybersecurity division in the Information Technology Services Directorate at Oak Ridge National Laboratory (ORNL).

As a U.S. Department of Energy (DOE) Office of Science national laboratory, ORNL has an extraordinary 80-year history of solving the nation's biggest problems. We have a dedicated and creative staff of over 7,000 people! Our vision for diversity, equity, inclusion, and accessibility (DEIA) is to cultivate an environment and practices that foster diversity in ideas and in the people across the organization, as well as to ensure ORNL is recognized as a workplace of choice. These elements are essential for enabling the execution of ORNL's broader mission to accelerate scientific discoveries and their translation into energy, environment, and security solutions for the nation.

Major Duties/Responsibilities:

The ISSO leads continuous monitoring initiatives to maintain Risk Management Framework (RMF) compliance across the organization. They serve as the primary facilitator between security requirements and implementation, requiring strong information security knowledge, problem-solving capabilities for complex security challenges, and effective communication skills to bridge technical and non-technical stakeholders. This role is crucial for maintaining robust security posture and ensuring compliance with established frameworks.

• Operate and maintain systems per DOE security policies and SSPs
• Establish user authorization procedures for classified systems
• Support ISSM in cyber security policy implementation
• Develop/maintain SSPs and manage POA&Ms
• Conduct compliance reviews against NIST/CNSSI standards
• Oversee configuration management and change control
• Implement system recovery processes and contingency plans
• Assist with security testing and annual inspections
• Review system audit records and manage data transfers
• Document procedures and conduct user training
• Other duties as assigned for support within the program
• Deliver ORNL's mission by aligning behaviors, priorities, and interactions with our core values of Impact, Integrity, Teamwork, Safety, and Service. Promote diversity, equity, inclusion, and accessibility by fostering a respectful workplace - in how we treat one another, work together, and measure success.

Basic Qualifications:

• A BS degree in computer science, computer engineering, cybersecurity, information technology, information systems, science, engineering, business, or a related discipline and a minimum of five (5) to seven (7) years of aligned professional Cybersecurity experience with a proven track record of implementing enterprise-wide security plans and controls is required for consideration. An overall combination of equivalent education and experience may be considered.
• Demonstrated expertise in security control assessments and compliance frameworks (NIST 800-53, NIST CSF), with strong analytical skills for evaluating cyber risks.
• Superior communication abilities across written, verbal, and presentation formats, with experience developing comprehensive cybersecurity documentation.
• Proven ability to work autonomously while maintaining strict deadlines and ethical standards in complex technical environments.

Preferred Qualifications:

• MS degree in computer science, computer engineering, cybersecurity, information technology, information systems, science, engineering, business, or a related discipline and a minimum eight (8) years of aligned professional Cybersecurity experience, particularly in federal government programs.
• Valid DOE Q, DOD Top Secret, or DOD TS/SCI clearance.
• Demonstrated success obtaining Authorization to Operate (ATO) for government systems while managing competing priorities in high-pressure situations
• Industry-recognized certifications (CISSP, CISM, CISA, CRISC) and extensive experience with vulnerability management tools and processes
• Deep understanding of incident response procedures and enterprise security tool implementation

Special Requirements:

• Visa sponsorship is not available for this position.
• This position requires the ability to obtain and maintain a clearance from the Department of Energy. As such, this position is a Workplace Substance Abuse (WSAP) testing designated position. WSAP positions require passing a pre-placement drug test and participation in an ongoing random drug testing program.

Benefits at ORNL:

ORNL offers competitive pay and benefits programs to attract and retain dedicated people. The laboratory offers many employee benefits, including medical and retirement plans and flexible work hours, to help you and your family live happy and healthy. Employee amenities such as on-site fitness, banking, and cafeteria facilities are also provided for convenience.

Other benefits include the following: Prescription Drug Plan, Dental Plan, Vision Plan, 401(k) Retirement Plan, Contributory Pension Plan, Life Insurance, Disability Benefits, Generous Vacation and Holidays, Parental Leave, Legal Insurance with Identity Theft Protection, Employee Assistance Plan, Flexible Spending Accounts, Health Savings Accounts, Wellness Programs, Educational Assistance, Relocation Assistance, and Employee Discounts.

Having difficulty using the online application system or need an accommodation to apply due to a disability? Please email: ORNLRecruiting@ornl.gov.

This position will remain open for a minimum of 5 days after which it will close when a qualified candidate is identified and/or hired.

We accept Word (.doc, .docx), Adobe (unsecured .pdf), Rich Text Format (.rtf), and HTML (.htm, .html) up to 5MB in size. Resumes from third party vendors will not be accepted; these resumes will be deleted and the candidates submitted will not be considered for employment.

If you have trouble applying for a position, please email ORNLRecruiting@ornl.gov.

ORNL is an equal opportunity employer. All qualified applicants, including individuals with disabilities and protected veterans, are encouraged to apply. UT-Battelle is an E-Verify employer.