Information Systems Security Manager
Job posting number: #7116895 (Ref:414486)
Posted: November 29, 2022
Application Deadline: Open Until Filled
We are seeking a talented Information Systems Security Manager (ISSM) to join the Field Intelligence Element (FIE). The FIE enables Argonne National Laboratory to provide products and services to DOE’s Office of Intelligence and Counterintelligence (DOE-IN), the Intelligence Community (IC) and non-IC Federal agencies. Primary roles and responsibilities for the FIE include the management and operation of secure facilities and their associated telecommunications infrastructure for the creation, storage, protection and exchange of classified information, as well as, administration of the Strategic Intelligence Partnership Program (SIPP).
As the ISSM your role will be to lead the ANL FIE’s cybersecurity program while championing a culture of security and accountability. It will be your responsibility to acquire and manage the necessary resources to support the organization’s technical, administrative, and organizational information security goals in order to reduce risk and meet Federal compliance requirements.
In this role you will lead efforts to research, plan, implement, assess, and monitor security controls protecting a diverse set of technologies in a classified environment. This role requires a blend of technical knowledge and risk management expertise to effectively operationalize Federal, DOE, and IC information security standards in the execution of a comprehensive information security program. You will also lead efforts in planning, securing, and authorizing new and existing Federal information systems across all stages of the system development lifecycle.
Collaborate with internal and external stakeholders in the implementation, assessment, and ongoing monitoring of Committee on National Security Systems Instruction (CNSSI) 1253 security controls
Provide cybersecurity advice and support throughout the IT system lifecycle
Communicate the importance of IT security, promote awareness of security issues, and educate project teams on relevant CNSS and IC requirements
Supervise and report on all phases of incident response activities
Oversee the organization’s vulnerability management program
Conduct manual security assessments of IT systems at all layers of the technology stack
Prepare documentation at each step of the Risk Management Framework (RMF) process in pursuit of an Authority to Operate (ATO) for a variety of systems and networks
Oversee the information security training and awareness program
Prepare, distribute, and maintain information security plans, instructions, guidance, and standard operating procedures
Relevant Bachelor’s degree, or equivalent experience, plus at least 5 years of experience in system administration, security engineering, IT assessment, or other cybersecurity-related roles
Strong IT background with the ability and desire to learn new technologies
Strong oral and written communication skills with technical and non-technical audiences
Experience with Federal cybersecurity standards, including NIST SP 800-series, CNSSI 1253, and Intelligence Community Directive (ICD) 503
Experience planning and leading ATO efforts for Federal information systems
Proficient time management and task prioritization skills, with outstanding attention to detail
Self-starter who is able to execute job responsibilities under limited supervision
U.S. citizen with an active TS/SCI clearance
Preferred Knowledge, Skills and Experience
Master’s degree in Cybersecurity, IT Management, or a related field
Experience with scripting languages, including Python, BASH, and PowerShell
Experience with RMF ATO workflow and automation tools such as eMASS or Xacta
Experience assessing, monitoring, and improving the security posture of IT systems
Experience writing cybersecurity-related plans and documentation
At least one security-focused certification, such as: Security+ CE, CySA+, SSCP, CCNA Security, CAP, CISA, CISM, OSCP, or CISSP
At least one OS/technology-focused certification, such as: CCNA, CCNP, MCSA, MCSE, Linux+, RHCSA, or RHCE
Knowledge of the following:
Computer networking concepts and network security methodologies
Defense-in-depth security principles at all layers of a technology stack
Network, application, and operating system hardening techniques (e.g., DISA STIGs or CIS benchmarks)
Current and emerging cybersecurity threats
Current and emerging IT and cybersecurity technologies
Host and network access control mechanisms
Data backups, types of backups, and recovery tools
Penetration testing principles, tools, and techniques
Incident response and handling methodologies
Other: The ideal candidate would be a former system administrator or security engineer (Linux, Windows) who has moved into an Information Assurance role in the past and has the overall knowledge of running an entire Information Assurance program.
Job FamilyProfessional Technical (PT)
Job ProfileComputing Security 5
Time TypeFull time
As an equal employment opportunity and affirmative action employer, and in accordance with our core values of impact, safety, respect, integrity and teamwork, Argonne National Laboratory is committed to a diverse and inclusive workplace that fosters collaborative scientific discovery and innovation. In support of this commitment, Argonne encourages minorities, women, veterans and individuals with disabilities to apply for employment. Argonne considers all qualified applicants for employment without regard to age, ancestry, citizenship status, color, disability, gender, gender identity, gender expression, genetic information, marital status, national origin, pregnancy, race, religion, sexual orientation, veteran status or any other characteristic protected by law.
Argonne employees, and certain guest researchers and contractors, are subject to particular restrictions related to participation in Foreign Government Sponsored or Affiliated Activities, as defined and detailed in United States Department of Energy Order 486.1A. You will be asked to disclose any such participation in the application phase for review by Argonne's Legal Department.
All Argonne offers of employment are contingent upon a background check that includes an assessment of criminal conviction history conducted on an individualized and case-by-case basis. Please be advised that Argonne positions require upon hire (or may require in the future) for the individual be to obtain a government access authorization that involves additional background check requirements. Failure to obtain or maintain such government access authorization could result in the withdrawal of a job offer or future termination of employment.
Please note that all Argonne employees are required to be vaccinated against COVID-19. All successful applicants will be required to provide their COVID-19 vaccination verification as a condition of employment, subject to limited legally recognized exemptions to COVID-19 vaccination.
Argonne is an equal opportunity employer, and we value diversity in our workforce. As an equal employment opportunity and affirmative action employer, Argonne National Laboratory is committed to a diverse and inclusive workplace that fosters collaborative scientific discovery and innovation. In support of this commitment, Argonne prohibits discrimination or harassment based on an individual's age, ancestry, citizenship status, color, disability, gender, gender identity, genetic information, marital status, national origin, pregnancy, race, religion, sexual orientation, veteran status or any other characteristic protected by law.