Job Information
Sandia National Laboratories Cybersecurity Risk - Cyber Assurance Architect (Mid Career) HYBRID in Albuquerque, New Mexico
About Sandia:
Sandia National Laboratories is the nation’s premier science and engineering lab for national security and technology innovation, with teams of specialists focused on cutting-edge work in a broad array of areas. Some of the main reasons we love our jobs:
Challenging work with amazing impact that contributes to security, peace, and freedom worldwide
Extraordinary co-workers
Some of the best tools, equipment, and research facilities in the world
Career advancement and enrichment opportunities
Flexible work arrangements for many positions include 9/80 (work 80 hours every two weeks, with every other Friday off) and 4/10 (work 4 ten-hour days each week) compressed workweeks, part-time work, and telecommuting (a mix of onsite work and working from home)
Generous vacations, strong medical and other benefits, competitive 401k, learning opportunities, relocation assistance and amenities aimed at creating a solid work/life balance*
World-changing technologies. Life-changing careers. Learn more about Sandia at: http://www.sandia.gov*These benefits vary by job classification.
What Your Job Will Be Like:
We are seeking a mid-career Cyber Assurance Architect to join our dynamic team and provide cyber assurance expertise in support of the national security mission of Sandia National Labs. The focus of this role will be cybersecurity risk analysis and support of Sandia’s risk management strategy as it pertains to information security.
On any given day, the selected candidate may be called on to:
Act as a cyber security subject matter expert to address customer and partner questions and concerns.
Coordinate and support Sandia’s Site Risk Management Council (SRMC) and collaborate on integration between the Cyber SRMC and Site SRMC.
Participate in and document cybersecurity risk assessments of existing or new services and technologies.
Perform monitoring activities for ongoing treatment of selected risks.
Provides accurate and concise information and council to governance and executive leadership teams that enables them to make informed risk management decisions.
Coordinates with Sandia’s procurement organization to implement a sub-contractor assurance capability focused on cybersecurity.
Maintain up-to-date technical knowledge and interpretation of regulatory requirements and authority documents to include DOE Orders/NNSA directives, NIST Cybersecurity Framework, NIST SP 800-37, NIST SP 800-53, and other requirement drivers.
Support cyber assurance audit response activities related to management of risks to information and information systems.
Develop and present cybersecurity related briefings, presentations, and white papers.
Work with appropriate stakeholders to obtain approval or concurrence on risk treatment plans, monitoring activities, and reassessment of risk.
Advise management on a wide range of cyber assurance topics.
The selected applicant can work a combination of onsite and offsite work. The selected applicant must live within a reasonable distance for commuting to the assigned work location when necessary.
Salary Range:
$90,900 - $176,900
*Salary range is estimated, and actual salary will be determined after consideration of the selected candidate's experience and qualifications, and application of any approved geographic salary differential.
Qualifications We Require:
Bachelor's degree in Management Information Systems, Information Assurance, Computer Science, or other relevant computer field plus five (5) or more years relevant experience; OR equivalent experience and education (Master's degree + two years; AS + 9 years; No degree + 13 years)
Experience and understanding of the Risk Management Framework as detailed in NIST publications and risk management practice in general .
Ability to obtain and maintain a DOE Q level clearance
Qualifications We Desire:
Active DOE Q or DOD TS security clearance
Knowledge and experience with DOE Orders/NNSA cyber security directives and policies; relevant federal and private standards and requirements (e.g., NIST, ISO, CNSS, STIGS)
Experience working within a federal cyber security program
Experience with the Cybersecurity Maturity Model Certification (CMMC) Program
Demonstrated experience partnering across a diverse organization.
Experience with policy analysis and policy development
Experience conducting cybersecurity risk assessments.
Excellent verbal and written communication skills
About Our Team:
Sandia National Laboratories' Cyber Security Assurance Department is responsible for defending and protecting Sandia's cyber environment against threats to its information; thus enabling successful execution of mission work. The foundation of the Cyber Security Assurance Program is our risk management framework which establishes how Sandia implements the National Nuclear Security Administration (NNSA) Program Cyber Security Plan. Our cyber security assurance responsibilities include architecting solutions to satisfy ever-changing mission needs within an acceptable risk tolerance, effectively applying technical controls and staying within certification and accreditation parameters. Additionally, the Cyber Assurance Program performs research, development and assessment of technical and administrative cyber controls for the purpose of ensuring a secure environment. We do this through careful determination and understanding of Sandia's risk posture, tolerances, and mitigation plans from a cyber-security perspective.
Posting Duration:
This posting will be open for application submissions for a minimum of seven (7) calendar days, including the ‘posting date’. Sandia reserves the right to extend the posting date at any time.
Security Clearance:
Sandia is required by DOE to conduct a pre-employment drug test and background review that includes checks of personal references, credit, law enforcement records, and employment/education verifications. Applicants for employment need to be able to obtain and maintain a DOE Q-level security clearance, which requires U.S. citizenship. If you hold more than one citizenship (i.e., of the U.S. and another country), your ability to obtain a security clearance may be impacted.
Applicants offered employment with Sandia are subject to a federal background investigation to meet the requirements for access to classified information or matter if the duties of the position require a DOE security clearance. Substance abuse or illegal drug use, falsification of information, criminal activity, serious misconduct or other indicators of untrustworthiness can cause a clearance to be denied or terminated by DOE, resulting in the inability to perform the duties assigned and subsequent termination of employment.
EEO:
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or veteran status and any other protected class under state or federal law.
NNSA Requirements for MedPEDs:
If you have a Medical Portable Electronic Device (MedPED), such as a pacemaker, defibrillator, drug-releasing pump, hearing aids, or diagnostic equipment and other equipment for measuring, monitoring, and recording body functions such as heartbeat and brain waves, if employed by Sandia National Laboratories you may be required to comply with NNSA security requirements for MedPEDs.
If you have a MedPED and you are selected for an on-site interview at Sandia National Laboratories, there may be additional steps necessary to ensure compliance with NNSA security requirements prior to the interview date.
Job ID: 693527
Job Family: IT
Regular/Temporary Position: T
Full/Part-Time Status: F