Requisition Id 16684
Overview:Oak Ridge National Laboratory (ORNL) is seeking a dynamic, highly skilled Insider Threat Program Lead to oversee the day-to-day execution of ORNL's Insider Threat Program (ITP). This role protects DOE and ORNL personnel, facilities, and classified/unclassified information and other U.S. Government assets by integrating counterintelligence (CI), cybersecurity, personnel security, human capital, legal, physical security, protective force, and other mission partners into a cohesive insider threat capability. This position also serves as ORNL law enforcement liaison officer and is responsible for coordinating VIP visits to ORNL. This position resides in the Physical Security Team in the Security Programs Group, Laboratory Protection Division, Facilities and Operations Directorate, at Oak Ridge National Laboratory (ORNL).
Major Duties/Responsibilities:- Ensure contractor compliance with the requirements outlined in the Contractor Requirements Document (CRD) of DOE O 470.5A and relevant federal directives (e.g., 32 CFR Part 117, Presidential/Executive direction including EO 13587).
- Create, maintain, and continuously improve the ORNL Insider Threat Program Plan and related site procedures (e.g. SBMS content as applicable).
- Ensure the program's collection, retention, safeguarding, and disposition of records/data complies with Privacy Act requirements and National Archives and Records Administration (NARA) records requirements.
- Coordinate with the Local Insider Threat Working Group (LITWG) and ensure accountability for all insider threat response actions.
- Serve as the focal notification entity for reported insider/outsider threat information; conduct initial triage to determine credibility, threshold, risk level, and required actions.
- Conduct analysis to identify, deter, and mitigate insider threat risk; develop site-specific risk management strategies in coordination with LITWG.
- Act as the primary investigator/case agent/analyst for non-CI (or undetermined) matters; coordinate with CI and support CI investigations as requested/appropriate
- Conduct inquiries/investigations, including evidence gathering, interviews, documentation, and case management.
- Facilitate contractor access to insider threat information, including personnel files, supervisory records, security data, cybersecurity logs, and other records required for analysis and response under DOE guidance.
- Report incidents/information to the DOE Analysis and Referral Center (ARC) as required; provide contractor-derived data, reports, and assessments to DOE entities as appropriate.
- Serve as ORNL's primary liaison with DOE insider threat counterparts (e.g., DOE OITP/IN/EHSS as applicable) and participate in DOE meetings (including LITWG meetings).
- Serves as the ORNL law enforcement liaison officer and coordinate with law enforcement and request assistance when needed; compile and analyze information and coordinate referrals as appropriate.
- Develop, deliver, and oversee contractor insider threat training in compliance with DOE O 470.5A, including initial awareness and annual refresher instruction covering detection methodologies, CI protocols, adversarial recruitment indicators, and workplace threat reporting procedures.
- Maintain training records for contractor employees and provide annual certification reports to the Head of Field Elements or requestor as needed.
- Responsible for planning and execution of all ORNL VIP visits, coordinating with local law enforcement, Protective Force, and the protocol office.
- Provide support to Physical Security with Adverse Action planning and execution (if needed).
- Support emergency response coordination and provide 24/7 response when needed for significant incidents affecting ORNL security interests.
- Perform other duties as assigned by management consistent with the role.
Basic Qualifications:- BA or BS degree in Homeland Security, Law Enforcement, Security Studies, Counterintelligence, Information Technology, Cybersecurity, Leadership, or a related field.
- Minimum of eight years of experience working in a tactical operations environment such as law enforcement, DOE security functions (e.g. protective force, physical security), counterintelligence, emergency management functions, or insider threat detection. A combination of education and experience may be considered.
- Familiarity with DOE O 470.5A, national insider threat standards, and supporting compliance frameworks.
- Strong written/oral communication skills; able to brief senior leaders and produce detailed, high-quality reports.
- Field experience with emergency operations and scene triage.
- Familiarity with National Incident Command System (ICS).
- Deep knowledge of Search and Seizure law.
Preferred Qualifications:- MA or MS degree in Homeland Security, Law Enforcement/Criminal Justice, Security Studies, Counterintelligence, Leadership, or a related field.
- 10+ years experience working in a tactical operations environment such as law enforcement, DOE security functions (e.g. protective force, physical security), counterintelligence, emergency management functions, or insider threat detection. A combination of education and experience may be considered.
- Strong analytical skills, attention to detail, ability to prioritize and manage multiple tasks in a fast-paced environment.
- Experience conducting investigations, interviews, and case preparation.
- Experience in a lead or supervisory role with rapid assessment/problem solving skills.
- Experience/certifications in instructing/public speaking.
- Ability to successfully manage high-stress situations and complex, multi-tiered operations.
- Experience with/knowledge of applicable Labor Laws.
- Experience standing up or operating local insider threat constructs in a cleared environment.
- Demonstrated capability integrating multi-source data (personnel, law enforcement, security, cyber, etc.).
- Technical familiarity with User Activity Monitoring (UAM), insider threat analytics, incident response, and complex investigation methods.
- Experience working with or coordinating local insider threat programs such as LITWGs, Threat Assessment/Mitigation teams, or ARCs.
- Experience using AI-enabled tools to improve operational efficiency or reporting.
Special Requirements:- Q Clearance: This position requires the ability to obtain and maintain a clearance from the Department of Energy. As such, this position is a Workplace Substance Abuse (WSAP) testing designated position. WSAP positions require passing a pre-placement drug test and participation in an ongoing random drug testing program.
