Responsibilities

PNNL’s Cybersecurity Group is looking for an experienced Information System Security Officer (ISSO) to join our team supporting the PNNL Cyber Governance team. You must be a cross-discipline and technical professional who can hit the ground running, quickly integrate, and assist your team in technical strategy but also serve as a mentor and people integrator, keeping your team connected to PNNL's mission and taking pride in ensuring sponsor information systems are operated securely.

As an ISSO, you will play a critical role in ensuring the confidentiality, integrity, and availability of PNNL’s information systems and data. You will work closely with stakeholders across PNNL to implement and maintain robust security measures in accordance with government regulations and organizational policies. PNNL's ISSO’s take direction from the Information System Security Manager to enrich, document, and monitor PNNL's cyber security program implementation plan, and ensures compliance with DOE management policies.

The selected candidate will work with a high degree of independence to execute their responsibilities for secure and efficient operations in accordance with pertinent (DOE and PNNL) procedures, requirements, and policies. The position works hand in hand with the ISSM to assist in assuring compliance with all applicable Executive Orders, Directives, and DOE procedures. Some of the specific duties include:

• Security Compliance: Drive consistency in our information assurance processes to ensure compliance with all relevant security regulations, policies, and procedures, including NIST SP 800-53, and other applicable standards. Participate in regular audits and assessments to identify and mitigate security vulnerabilities.

• Risk Management: Identify, assess, and prioritize security risks to information systems. Develop and implement risk mitigation strategies to safeguard sensitive data and prevent unauthorized access or disclosure.

• Security Architecture: Consult on the design, implementation, and maintenance of information systems architectures. Collaborate with system architects and engineers to integrate security controls and technologies into system designs.

• Security Monitoring: Utilize and monitor security tools and systems to verify compliance across the network.

• Security Training and Awareness: Provide security training and awareness programs to educate ISSOs and system users on security best practices and procedures. Promote a culture of security consciousness throughout the organization.

• Security Documentation and Reporting: Maintain accurate and up-to-date security documentation, including system security plans, risk assessments, and accreditation packages. Prepare and submit required security reports to government agencies as needed.

• Enable Research: Collaborate in developing novel solutions to cybersecurity challenges posed by innovative research in a highly secure environment.

• Monitors against authorized security control requirements and provides continuous monitoring assessments of the risk represented by system and application configurations or vulnerabilities.

• Leverages data sources to prevent, detect, respond and remediate internal and external attacks or attempts to gain unauthorized access to internal and/or external information, network, or data systems.

• Interprets, analyzes, and executes incident response actions for detected intrusion anomalies and events.

• Ensures all events and anomalies are investigated, documented and reported in accordance with established processes and procedures.

• Conducts system, network, or software vulnerability assessments and penetration testing in accordance with established processes and procedures.

• Manages and operates tools specific and necessary for cyber security operations functions.

• Conducts information risk assessments and supports compliance documentation and system accreditation requirements.

• Interacts with stakeholders and sponsors to ensure technical analyses and generated products are appropriately aligned with mission needs.

• Collaborates with other scientists in innovation efforts that support and further mission requirements.

• Prepares and presents technical and other reports and briefings.

• Performs assessments of open source reporting and situational awareness data feeds to ensure the security of internal and/or external information and technology systems.

• Analyzes cyber threat intelligence from various sources to inform and enable cyber response.

• Evaluates cyber threat indicators and system vulnerabilities and develops assessments, threat profiles and other cyber intelligence products.

• May conduct forensic acquisition and analysis activities in support of cyber intrusion or insider threat investigations.

• May interface with external entities including law enforcement, intelligence and other government organizations and agencies.

Qualifications

Minimum Qualifications:

• BS/BA and 5+ years of relevant work experience -OR-

• MS/MA and 3+ years of relevant work experience -OR-

• PhD with 1+ year of relevant experience

Preferred Qualifications:

• At least 5 years of demonstrated experience in information assurance and cyber security governance within an enterprise environment – including time leading cyber security professionals

• Effective leadership and strong interpersonal skills and highly adept at consulting, negotiating, communicating, consensus building, and presenting with a customer-focused mindset

• Hold one or more industry cyber security certifications (e.g., CISSP, CISM, CRISC)

• Highly adept at innovating and thinking beyond established standards and processes

• Previous experience integrating federal cyber security compliance requirements across complex computing environments

• Proficiency with common enterprise GRC tools such as Archer, Xacta, Standard Fusion, Tenable Assured Compliance Assessment Solution (ACAS), and Splunk

• Proficiency implementing a risk management framework to support system accreditation and the ability to communicate complex technical information and cyber risk clearly for all levels and audiences

• Able to deliver results with highest level of professionalism and integrity

• Familiarity with the NIST/USG community standards

• Active federal DOE Q and/or SCI clearance

Hazardous Working Conditions/Environment

Not Applicable.

Additional Information

This position requires the ability to obtain and maintain a federal security clearance.

• U.S. Citizenship Required

• Background Investigation: Applicants selected will be subject to a Federal background investigation and must meet eligibility requirements for access to classified matter in accordance with 10 CFR 710, Appendix B.

• Drug Testing: All Security Clearance positions are Testing Designated Positions, which means that the candidate selected is subject to pre-employment and random drug testing. In addition, applicants must be able to demonstrate non-use of illegal drugs, including marijuana, for the 12 consecutive months preceding completion of the requisite Questionnaire for National Security Positions (QNSP).

Note: Applicants will be considered ineligible for security clearance processing by the U.S. Department of Energy until non-use of illegal drugs, including marijuana, for 12 months can be demonstrated.

Testing Designated Position

This position is a Testing Designated Position (TDP). The candidate selected for this position will be subject to pre-employment and random drug testing for illegal drugs, including marijuana, consistent with the Controlled Substances Act and the PNNL Workplace Substance Abuse Program.

About PNNL

Pacific Northwest National Laboratory (PNNL) is a world-class research institution powered by a highly educated, diverse workforce committed to the values of Integrity, Creativity, Collaboration, Impact, and Courage. Every year, scores of dynamic, driven people come to PNNL to work with renowned researchers on meaningful science, innovations and outcomes for the U.S. Department of Energy and other sponsors; here is your chance to be one of them!

At PNNL, you will find an exciting research environment and excellent benefits including health insurance, flexible work schedules and telework options. PNNL is located in eastern Washington State—the dry side of Washington known for its stellar outdoor recreation and affordable cost of living. The Lab’s campus is only a 45-minute flight (or 3-hour drive) from Seattle or Portland, and is serviced by the convenient PSC airport, connected to 8 major hubs.

Commitment to Excellence, Diversity, Equity, Inclusion, and Equal Employment Opportunity

Our laboratory is committed to a diverse and inclusive work environment dedicated to solving critical challenges in fundamental sciences, national security, and energy resiliency. We are proud to be an Equal Employment Opportunity and Affirmative Action employer. In support of this commitment, we encourage people of all racial/ethnic identities, women, veterans, and individuals with disabilities to apply for employment.

Pacific Northwest National Laboratory considers all applicants for employment without regard to race, religion, color, sex (including pregnancy, sexual orientation, and gender identity), national origin, age, disability, genetic information (including family medical history), protected veteran status, and any other status or characteristic protected by federal, state, and/or local laws.

We are committed to providing reasonable accommodations for individuals with disabilities and disabled veterans in our job application procedures and in employment. If you need assistance or an accommodation due to a disability, contact us at careers@pnnl.gov .

Drug Free Workplace

PNNL is committed to a drug-free workplace supported by Workplace Substance Abuse Program (WSAP) and complies with federal laws prohibiting the possession and use of illegal drugs.

If you are offered employment at PNNL, you must pass a drug test prior to commencing employment. PNNL complies with federal law regarding illegal drug use. Under federal law, marijuana remains an illegal drug. If you test positive for any illegal controlled substance, including marijuana, your offer of employment will be withdrawn.

HSPD-12 PIV Credential Requirement

In accordance with Homeland Security Presidential Directive 12 (HSPD-12) and Department of Energy (DOE) Order 473.1A, new employees are required to obtain and maintain a HSPD-12 Personal Identity Verification (PIV) Credential. To obtain this credential, new employees must successfully complete and pass a Federal Tier 1 background check investigation. This investigation includes a declaration of illegal drug activities, including use, supply, possession, or manufacture within the last year. This includes marijuana and cannabis derivatives, which are still considered illegal under federal law, regardless of state laws.

Mandatory Requirements

Please be aware that the Department of Energy (DOE) prohibits DOE employees and contractors from having any affiliation with the foreign government of a country DOE has identified as a “country of risk” without explicit approval by DOE and Battelle. If you are offered a position at PNNL and currently have any affiliation with the government of one of these countries, you will be required to disclose this information and recuse yourself of that affiliation or receive approval from DOE and Battelle prior to your first day of employment.

Rockstar Rewards

Employees and their families are offered medical insurance, dental insurance, vision insurance, health savings account, flexible spending accounts, basic life insurance, disability insurance, employee assistance program, business travel insurance, tuition assistance, supplemental parental bonding leave, surrogacy and adoption assistance, and fertility support. Employees are automatically enrolled in our company funded pension plan and may enroll in our 401k savings plan. Employees may accrue up to 120 vacation hours per year and may receive ten paid holidays per year.

• Research Associates excluded.

**Once eligibility requirements are met.

Click Here For Rockstar Rewards (https://careers.pnnl.gov/rockstar-rewards)

Notice to Applicants

PNNL lists the full pay range for the position in the job posting. Starting pay is calculated from the minimum of the pay range and actual placement in the range is determined based on an individual’s relevant job-related skills, qualifications, and experience. This approach is applicable to all positions, with the exception of positions governed by collective bargaining agreements and certain limited-term positions which have specific pay rules.

As part of our commitment to fair compensation practices, we do not ask for or consider current or past salaries in making compensation offers at hire. Instead, our compensation offers are determined by the specific requirements of the position, prevailing market trends, applicable collective bargaining agreements, pay equity for the position type, and individual qualifications and skills relevant to the performance of the position.

Minimum Salary

USD $134,500.00/Yr.

Maximum Salary

USD $219,500.00/Yr.