Job Description

<div>
 <p>
  The Cyber Security Authorizations Manager is responsible for the Cyber Security Authorization&rsquo;s team. This team is responsible for information system and software continuous authorization to operate, certification and technical testing. Also, development of the required documentation for new and existing information systems. This role is expected to manage the team that plans and executes security controls to secure information systems, networks, and data. Also, this work role collaborates with the security operations team focused on cyber risks and threats to information security systems. The Authorizations Manager will report to the Chief Information Security Officer (CISO), and will work with the Cyber Operations Manager, the Network Operations Center, Contractor Assurance and other business functional managers. This position is expected to have an expert understanding implementing the NIST Risk Management Framework (RMF) tailored to specific cyber environments. This manager shall lead a team at the Pantex production site, in Amarillo, Texas, inclusive of other geographically distributed staff members.
 </p>
 <p>
  Specific Job Responsibilities:
 </p>
 <p>
  &bull; Designs, tests, and implements state-of-the-art secure operating systems, networks, and database products.
 </p>
 <p>
  &bull; Conducts risk assessment and provides recommendations for application design. Involved in a wide range of security areas, including architectures, firewalls, electronic data traffic, and network access.
 </p>
 <p>
  &bull; Uses encryption technology, penetration, vulnerability analysis of various security technologies, and information technology security research.
 </p>
 <p>
  &bull; Assemble security reports to regulatory agencies
 </p>
 <p>
  &bull; Will serve as an Alternate Information System Security Manager (A-ISSM), assisting the primary ISSM in delegated duties.
 </p>
 <p>
  &bull; This position is expected to have an understanding of the NIST Risk Management Framework (RMF) and the various supporting elements.
 </p>
 <p>
  &bull; This role is expected to stay up to date on the latest risks and threats to information security systems, as well as working with the technology subject matter expert to develop risk assessments and the proper mitigations.
 </p>
 <p>
  &bull; Strong teamwork skills, including interaction with end users and operations personnel, in a service-oriented environment
 </p>
 <p>
  &bull; Maintain timely and effective communication with stakeholders to resolve cyber security issues (to include development and maintenance of employee cyber security training)
 </p>
 <p>
  &bull; Plan, prioritize, and coordinate assignments of cyber staff to projects
 </p>
 <p>
  &bull; Ensure risk-balanced security measures are integrated into IT projects and activities
 </p>
 <p>
  &bull; Manage compliance activities to support the contractor assurance program (i.e., patching and mitigation actions to resolve vulnerability scans)
 </p>
 <p>
  &bull; Establish policies and procedures to ensure appropriate cyber controls and monitoring are in place to ensure the confidentiality, integrity, and availability of business and NNSA information
 </p>
 <p>
  &bull; Support the CISO and other cyber security personnel to ensure implementation of the cyber security program remains in compliance with DOE/NNSA and NIST requirements
 </p>
 <p>
  &bull; Standardize, document, maintain, and automate where possible cyber processes for monitoring, analysis, and response to cyber incidents
 </p>
 <p>
  &bull; Plan, prepare, and devise work plans that ensure cyber efforts are conducted within approved budget and schedule parameters while implementing IS&amp;S project management processes
 </p>
 <p>
  &bull; Work with CISO to establish cyber metrics to gauge program effectiveness and perform internal audits and assessments
 </p>
</div>