More jobs:
SMC - Information System Security Officer
Job in
Idaho Falls, Bonneville County, Idaho, 83401, USA
Listed on 2026-07-08
Listing for:
Idaho National Laboratory
Full Time
position Listed on 2026-07-08
Job specializations:
-
IT/Tech
Cybersecurity, Information Security
Job Description & How to Apply Below
Position Summary
Ensure the appropriate operational security posture for the Specific Manufacturing Capability (SMC) Information System (IS) is maintained to include ensuring implementation of DoW and SMC Site cybersecurity policies, practices, and procedures. Work with IS owners and the IS Information System Security Manager (ISSM) and serve as advisor on all matters, technical and otherwise, involving security of the IS.
Essential Job Functions and Responsibilities- Conduct audits of SMC IS to ensure compliance with Joint Special Access Program (SAP) Implementation Guide (JSIG), DoW Cybersecurity Service Provider (CSSP) requirements.
- Lead and direct the development of IS accreditation packages (i.e., system security plan, security control assessment, risk assessment, etc.) in accordance with federal directives and the Risk Management Framework (RMF).
- Report all security‑related incidents to the ISSM.
- Integrate applicable IS requirements, controls, and processes into design specifications in accordance with DoW established standards, policies, procedures, guidelines, directives, and regulations and laws (statutes).
- Act as the subject matter expert (SME) in the security of basic network and telecommunications services/data (e.g., perimeter defense strategies, defense‑in‑depth strategies, and data encryption techniques). Understand the policies, procedures, and controls required to protect network and telecommunication services and assess technical, operational, and administrative security controls as mandated by RMF standards.
- Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the change.
- Ensure audit records are collected, reviewed, and documented (to include any anomalies).
- Ensure all IS security‑related documentation is current and accessible to properly authorized individuals.
- Lead others in maintaining change control, ensuring configuration management of the IS to protect the system and data in accordance with technical, operational, and administrative security control requirements.
- Perform a variety of data collection, analysis, reporting and briefing activities associated with security operations and maintenance to ensure that the organizational security policies are implemented and maintained on the IS.
- Verify cybersecurity awareness training and requirements are current for IS users based on identified needs and organizational policies and within organizational time frames. Develop IS training material as needed to support end‑user training requirements.
- Coordinate with the appropriate management and security offices to ensure IS users have the required security clearances and need‑to‑know authorizations before accessing information systems. Collect and track required documentation for IS user accounts.
- Identify, categorize, investigate, isolate, assess, and report IS cybersecurity incidents in coordination with other organizations. Coordinate with the appropriate security offices to ensure that physical controls are implemented as required.
- Participate in the creation, review, and assessment of policies and procedures supporting the secure use and operation of SMC information systems that includes, but is not limited to, system security plans, vulnerability management, risk management, configuration management, change management, and others.
- Promote awareness of cyber policy and strategy as appropriate among management and ensure sound principles are reflected in the organization’s mission, vision, and goals.
- Assist the ISSM in meeting their duties and responsibilities. The ISSO shall assume ISSM responsibilities in the absence of the ISSM.
- Attend required technical and security training (e.g., operating system, networking, security management) relative to assigned duties.
- Maintain required IA certifications.
- Other duties as assigned.
- Education:
Level 4 – Bachelor’s and 9 years of experience. Master’s and 6 years of experience. PhD and 4 years of experience. Relevant experience commensurate with level. - DoD 8570/8140 IAM Level II certification. IAM Level II certifications include CISSP, CAP, CISM, and GSLC. CISSP or CISM…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×