Cyber Security Program Analyst Security Clearance

Position: Cyber Security Program Analyst with Security Clearance
Description The Cyber Security Program Analyst provides essential cybersecurity support for the Department of Energy located at the Savannah River Site (SRS) in Aiken, SC. The role involves advising the Authorizing Official on cyber risks, analyzing results from security assessments, and implementing mitigation strategies in alignment with national security objectives. Requirements
* This role will include leveraging knowledge of security policies, standards, controls, and industry best practices to consult with partners across the DOE complex.

* Will be involved in playing a critical role in ensuring that Governance, Risk and Compliance (GRC) functions are incorporated into key security services and program while validating risk mitigation functions are functioning correctly.

* Document and assist others in documenting security domain specific policies, standards, controls, control operating procedures.

* Liaise with GRC and stakeholders to ensure alignment between all groups.

* Must take ambiguous high-level language and translate it into real world operations.

* Diplomatically influence teams to implement a Governance Framework showing the value it will bring and tactfully help adjust existing operations to align with the framework.

* Stay current on information security technologies, trends, standards and best practices.

* Develop and understand Information Technology (IT)/cybersecurity strategies, policies, and guidelines for secure implementations

* Assess policy needs and collaborate with stakeholders to develop policies to govern IT/cyber activities

* Review, conduct, or participate in audits of cyber programs and projects

* Support management in the formulation of IT/cyber-related policies and provide expertise to course of action development

* Develop, implement, and recommend changes to appropriate planning procedures and policies

* Facilitate the sharing of "best practices" and "lessons learned" throughout the IT/ cyber operations community

* Provide subject matter expertise to planning teams, coordination groups, exercise, and task forces as necessary

* Provide input for the development and refinement of the IT/cyber operations objectives, priorities, strategies, plans, and programs

* Document lessons learned that convey the results of events and/or exercises

* Initiate, develop, and work data audits by collecting and reviewing all requirements and ensuring the correct information and data are prepared for team lead. Supporting and improving internal controls and data projects.

* Assist in developing data briefings for high-level executives.

* Assist with development of internal organization policies and procedures, which affect cross-functional activities and best practices.

* Create SOPs, including process maps, for developed dashboards and reporting procedures.

* Research of emerging technologies that have potential for exploitation and the impact on systems

* Provide and leverage industry best practices and lessons learned of external organizations and academic institutions dealing with cyber issues

* Analyze and assess internal and external partner (i.e., EM-HQ, DOE OCIO) cyber operations capabilities and tools.

* Assist DOE-SR Cyber Security with developing and maintenance of Cyber Lab.

* Develop and perform Cyber Security Awareness training

* Develop outcome-based measures (metrics) to determine the effectiveness and efficiency of the cyber security program and security controls

Knowledge, Skills and Abilities:

* A keen eye for detail with a track record of spotting and rectifying errors.

* Exceptional problem-solving skills coupled with the ability to effectively implement solutions.

* Thrive in collaborative environments, harnessing both internal and external expertise.

* Capable of driving a process-oriented mindset.

* Fast learner with the ability to absorb technical and process knowledge across various security domains.

* A strategic thinker who balances tactical execution with long-term planning.

* Skilled in conducting independent research and implementing automated solutions for DOE requests.

* Familiar with business intelligence and reporting tools like Tableau and Excel.

* Ability to convey technical challenges clearly to senior management.

* Effective at presenting information to showcase strategic portfolio landscapes.

* Proficient in handling large datasets and performing analytics.

* Advanced user of Excel, PowerPoint, Visio, and other Office applications.

* Adept at streamlining and distilling information within expansive organizations.

* Strong interpersonal skills are a must.

* Knowledgeable in governance frameworks such as COBIT, ITIL, NIST, and relevant cyber technologies.

* Understanding of cyber operations and their broader strategic implications.

* Skilled in developing policies and strategies that comply with relevant regulations.

* Solid grasp of cybersecurity threats, vulnerabilities, and their operational impacts.

* A fundamental understanding of IT and cyber principles along with strong communication…