
Cyber Security Inspector Job# JRGNR0145
Location: Rockville, MD 20852
Salary: $110,000-$135,000
Clearance: Must be eligible
Employment Type: Full Time (W2 or 1099)
Government Agency: Nuclear Regulatory Commission (NRC)
Travel: 25%
POSITION DESCRIPTION AND PROFILE:
This is an exciting opportunity for a full time Cyber Security Inspector to support the Nuclear Regulatory Commission (NRC) within the nuclear energy sector as they implement and mature regulatory cyber security programs, contributing to both the government and industry. The Cyber Security Inspector will actively support the NRC as it establishes cyber security regulation and guidance to promote safety and security regulating special nuclear material.
NOTE: Applicants who have worked for the nuclear power industry within the last year are not eligible. Applicants who have worked for the nuclear power industry past a year may be eligible and are required to disclose the name of the company or companies, specify the work performed, and how long ago the applicant was employed.
REQUIRED QUALIFICATIONS: (Education, Certifications, Experience, Skills)
This candidate must have experience with the following:
-
EXPERIENCE LEVEL: Minimum of 8 years of IT experience, audit experience or cyber security experience. Experience working with government consulting preferred.
-
EDUCATION: BA/BS degree in engineering, computer science, cyber security, or related fields, or equivalent.
-
CERTIFICATIONS AND TOOLS: The Ideal candidate will also have one or more of the following certifications: CISSP, CISM, CEH, CISA, Security+ and/or CAP
-
SECURITY CLEARANCE: Ability to obtain a DOE security clearance.
-
TRAVEL: Up to 25%
-
Communication Skills:
-
Ability to communicate both orally and in writing appropriate to the audience and situation
-
Strong writing skills and the ability to compose highly visible original documents that are relied upon by the nuclear industry
-
Ability to provide, verbally or in writing, a technical opinion or an interpretation of information based on in-depth and knowledge in a particular subject area
-
-
Knowledge of IT security audits
-
Cyber security engineering principles
DESIRED QUALIFICATIONS: (Education, Certifications, Experience, Skills)
This candidate shall have experience with the following:
-
Knowledge of penetration testing including foot printing and scanning.
-
Familiarity with hacking tools
-
Knowledge of vulnerability management
-
Familiarity with regulatory standards such as NIST
-
Industry certifications such as CISSP, CEH, ITIL, CISA, or CISM
JOB RESPONSIBILITIES: Functionally, the successful candidate will:
-
The inspector will participate in the cyber inspection process by analyzing the adequacy of the implementation of cyber security programs by licensees (entities with a license to handle nuclear materials). This participation will include assisting the NRC lead inspector in preparing for the frequent cyber inspections and aiding in identifying the critical systems and critical digital assets in need of inspection.
-
When preparing for a cyber inspection, the inspector will review technical documentation provided by the licensee in response to the formal request for information letter. The inspector will also analyze cyber vulnerability assessments and identify technical issues associated with a licensee assessment of digital critical systems or critical digital assets.
-
After this stage of review and analysis, the inspector will communicate to the inspection team the technical issues identified during the inspection process and will write up justifications of the technical issues that could lead to potential findings during the inspection.
-
When not working directly on inspections, the inspector will interact with NRC project leads spearheading a variety of innovative cyber initiatives, including participating in meetings for regulatory guidance on various cyber security issues. Other work with project leads will include developing responses to technical issues that arise from the application of cyber security regulations and analyzing cyber security best practices and recommending how those practices are applicable to the program’s cyber security requirements. The inspector will be expected to possess strong communication skills, including dynamic delivery, ability to tailor subjects to the audience, and a sense of diplomacy.