Information System Security Officer; Cybersecurity Technical Staff

What You Will Do

This position will be filled at either the Cybersecurity Technical Staff 2 or 3 level, depending on the skills of the selected candidate. Additional job responsibilities (outlined below) will be assigned if the candidate is hired at the higher level.

We are seeking an Information System Security Officer (ISSO) to support both a highly technical Windows/Linux accredited environment and services within Amazon Web Services (AWS) on the Commercial Cloud Enterprise (C2E) platform. The ISSO will contribute to a portfolio of exciting and high-impact national security scientific research.

In this role, you will collaborate with interdisciplinary teams to design secure, high-performance computing solutions that drive world‑class scientific outcomes for our stakeholders. The Special Security IT and Cyber Operations group (SSO‑3) is an integral part of the Sensitive and Special Operations Division at Los Alamos National Laboratory (LANL), focusing on implementation of IT and network technologies for high security environments.

The SSO Division is responsible for the operation of special security facilities at LANL and remote sites, enabling cutting‑edge work in Emerging Threats, Energy Security, and Nuclear Threats and Deterrence. Our dedicated teams architect and implement secure computing environments used to tackle the nation’s toughest challenges in global and nuclear security.

As a member of the Special Security Cyber Operations Team, your responsibilities will include:

• Assisting the ISSM in development, implementation, and evaluation of the cybersecurity program for classified computing systems within the LANL Field Intelligence Element (FIE).
• Participating in or leading projects that address significant and/or complex cyber issues, working with multi-disciplinary teams to analyze and interpret national cybersecurity requirements in support of scientific research.
• Identifying, developing, and implementing solutions to address cyber threats and vulnerabilities.
• Evaluating and recommending new tools to strengthen the FIE’s cybersecurity posture.
• Contributing to security reviews, assessments, security plan development, and related documentation for classified systems.

In addition to what was outlined at the lower level, at this level, candidates will have proven success performing highly technical work in accredited environments or leading cybersecurity related teams to success in accredited environments as outlined in the Minimum Job Requirements for a CTS‑3.

• Serving as primary or alternate ISSO for the Department of Energy’s Office of Intelligence and Counterintelligence (DOE‑IN) for Strategic Partner information systems.
• Implementing the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF), in accordance with Intelligence Community Directive (ICD) 503, the Committee for National Security Systems publications, and NIST Special Publications (SP) 800 series.
• Performing continuous monitoring activities in support of ongoing authorizations and maintaining effective monitoring of security controls. This includes risk assessments, self‑assessments, account management, configuration management, vulnerability management, and auditing of information systems.
• Developing and maintaining authorization packages, including System Security Plans (SSPs), Plans of Actions and Milestones (POA&Ms), and Security Assessment Reports (SARs).
• Supporting secure system deployment and operations in AWS Classified Regions (Secret and Top Secret).

• Proficiency in the implementation of the NIST RMF for national security systems in accordance with all applicable NIST publications, DOE orders, DOE‑IN policies, ICDs, and other government agency governing requirements.
• Hands‑on experience with AWS Commercial Cloud Enterprise (C2E) environments and AWS security services such as IAM, Guard Duty, Cloud Trail, and KMS. Candidates must have prior cyber‑related work experience within AWS environments.
• Understanding…