Requisition Number 2018-7195
MAR Division of Oasis Systems, LLC has an exciting opportunity for a seasoned Cyber Security Subject Matter Expert with ten years or more experience. The Cyber Security Subject Matter Expert acts as a subject matter expert for our Federal customer within the nuclear energy sector as he or she implements and matures regulatory cybersecurity programs, contributing to both the government and industry. The Cyber Security Subject Matter Expert will actively support the agency as it establishes cybersecurity regulation and guidance to promote safety and security regulating special nuclear material.
LOCATION: Rockville, MD
EXPERIENCE LEVEL: Minimum of 10 years’ of IT experience and cybersecurityexperience a must. Experienceworking with government consulting, and a minimum of eight years’ experience leading audits preferred.
EDUCATION: BA/BS degree in engineering, computer science, cybersecurity, or related fields, or equivalent.
SECURITY CLEARANCE: Ability to obtain a DOE security clearance.
JOB STATUS: Full-time.
Functionally, the candidate should have experience with the following:
- Communication Skills:
- Ability to facilitate/participate in public meetings with the nuclear industry, where the press and other high visibility entities may be present
- Ability to communicate both orally and in writing appropriate to the audience and political dynamic of a given situation
- Strong writing skills and the ability to compose highly visible original documents that are relied upon by the nuclear industry
- Ability to provide, verbally or in writing, a technical opinion or an interpretation of information based on in-depth and expert knowledge in a particular subject area
- Performed IT securityaudits
- Cyber security engineering principles
- Penetration testing to include footprinting, creating attack trees, and identifying attack vectors
- Various standard and non-standard (hacker community) security tools including strengths, weaknesses, and identifying marks/signatures
- Knowledge of digital components comprised of industrial control systems
- Supervisory Control and Data Acquisition (SCADA) Systems
- Distributed Control Systems (DCS)
- Safety Instrumented Systems (SIS)
The SME will participate in the cyberinspection process by analyzing the adequacy of the implementation of cybersecurity programs by licensees (entities with a license to handle nuclear materials). This participation will include assisting the NRC lead inspector in preparing for the frequent cyberinspections and aiding in identifying the critical systems and critical digital assets in need of inspection.
When preparing for a cyberinspection, the SME will review technical documentation provided by the licensee in response to the formal request for information letter. The SME will also analyze cyber vulnerability assessments and identify technical issues associated with a licensee assessment of digital critical systems or critical digital assets.
After this stage of review and analysis, the SME will communicate to the inspection team the technical issues identified during the inspection process with a nexus to the regulatory basis and will write up justifications of the technical issues that could lead to potential findings during the inspection.
In preparation for the onsite inspection stage, the SME will prepare all of his or her own travel arrangements for all inspection visits and submit a travel request form estimating expenses. During the onsite inspections, the SME will serve as a technical consultant to the lead inspector while demonstrating discernment, discretion, and humility in all interactions with NRC inspectors and employees. It is vital that the SME be able to balance providing expertise and depth of knowledge while still deferring to the inspection lead.
The SME will demonstrate a knowledge of terms, policy, and guidance and be well versed in industry best practices. The SME will actively work with a variety of ICS standards and certifications, including ISA/IEC-62443 (Formerly ISA-99), IEEE 802.3, NERC Critical Infrastructure Protection (CIP) Standards, NRC Regulatory Guide 5.71, NEI 08-09, NIST Special Publications, and ISASecure Certifications. The SME will also frequently work with regulatory documents associated with the cybersecurity program such as Title 10 of the Code of Federal Regulations (10 CFR), Section 73.54. The SME will be expected to take the initiative to remain up-to-date with the latest industry standards. The position is an excellent opportunity to become an expert in the field.
After the onsite stage of the inspection, the SME will be responsible for writing up and submitting an expense report recording all travel expenses for reimbursement and will prepare for and participate in the Secure Information Forum to support the lead inspector’s findings.
When not working directly on inspections, the SME will interact with various NRC project leads by spearheading a variety of innovative cyber initiatives, including writing, revising, and participating in meetings for regulatory guidance on various cybersecurity issues affecting the Nuclear Regulatory Commission. Other work with project leads will include developing responses to various technical issues that arise from the application of cybersecurity regulations and analyzing cybersecurity best practices and recommending how those practices are applicable to the program’s cybersecurity requirements. The SME will be expected to possess strong communication skills, including dynamic delivery, ability to tailor subjects to the audience, and a sense of diplomacy.
The SME will also help to develop and present cybersecurity trainings so that NRC inspectors and staff may become more effective when assessing the NRC cybersecurity program at nuclear power reactor sites and successfully engage in oversight and enforcement activities. This work will include writing and designing course content and developing classroom and laboratory exercises related to the subject area.
The SME will be responsible for performing general administrative tasks as well, including recording daily hours worked and filling out a daily status report summarizing activities associated with his or her assigned responsibilities, participating in a weekly contract status meeting, attending various team meetings that may arise, checking email accounts regularly, and completing annual security and inspection trainings. When not on travel, the SME is expected to be working on site at least 32 hours a week.