Cybersecurity Specialist (3251)

Navarro Research and Engineering is recruiting for a Cybersecurity Specialist in Richland, WA.

Navarro Research & Engineering is an award-winning federal contractor dedicated to partnering with clients to advance clean energy and deliver effective solutions for complex challenges in the nuclear and environmental fields. Joining Navarro means being a part of an exceptional team committed to quality and safety while also looking for innovative strategies to create value for the client’s success. Headquartered in Oak Ridge, Tennessee, Navarro has active programs in place across the nation for DOE/NNSA, NASA, and the Department of Defense.

This position will support Navarro-ATL. Navarro-ATL is located in Richland, WA, and operates, manages, and maintains the 222-S Laboratory Complex for the Department of Energy. The Navarro-ATL members are Navarro Research and Engineering, Inc. (Oak Ridge, TN), and Advanced Technologies and Laboratories International (Gaithersburg, MD).

Cybersecurity Specialists serve as the primary cybersecurity liaison between Navarro-ATL and other Hanford entities. They support the vulnerability management program, implement policies and procedures, audit implementation of National Institute of Standards and Technology (NIST) 800-53 cybersecurity and privacy controls, and coordinate security testing on systems in development and operation at Navarro-ATL. They are also responsible for providing day-to-day guidance to field personnel on proper implementation of cybersecurity requirements.

Responsibilities:

• Develop, implement, and maintain standards, plans, policies, procedures, and other documentation in support of U.S. Department of Energy (DOE) and NIST requirements for Federal information systems.
• Perform and support risk management activities, including security impact analyses and risk assessments, in support of achieving and maintaining authority to operate.
• Develop and maintain system security plans according to NIST Risk Management Framework.
• Support cybersecurity and privacy awareness, including advising employees, management, and subcontractors of best practices.
• Support cybersecurity audits, assessments, data calls, investigations, incident responses, and other duties as required.
• Participate in supply chain risk assessment and security impact analysis for relevant procurements and subcontracts.
• Maintain programmatic interfaces to other Hanford contractors and DOE.
• Support data call requests.
• Attend cybersecurity and privacy board meetings as the Navarro-ATL designated representative.
• Consult on submission, tracking, and coordination of System Engineering Control Board and Production Readiness Review Board activities.

Requirements

Minimum Qualifications:

• Bachelor of Science degree in information technology, cybersecurity, data science, information systems, computer science or related field, plus 8 years of experience with cybersecurity related activities and functions, or equivalent combination of education and experience.
• Knowledge of NIST publications, including Risk Management Framework, SP 800-53, and Federal Information Processing Standard (FIPS)‑199.
• Excellent interpersonal and communication skills as demonstrated by experience interacting with all levels of personnel and customers.

Preferred Qualifications:

• Experience with DOE and NIST requirements.
• Experience with Industrial Control Systems.
• Experience conducting impact and risk assessments for Federal information systems.
• Experience reporting metrics and developing presentations.
• Knowledge of Federal legislature and executive orders, such as Federal Information Security Monitoring Act (FISMA), Privacy Act, and Executive Order 14028.
• Qualifications related to Department of Defense 8140 Cyber Workforce Qualification Program.
• Certifications such as Cisco Certified Network Associate, CompTIA Security+, EC Council Certified Network Defender, Federal IT Security Institute Auditor, GIAC Defense Security Architect, GIAC Information Security Fundamentals, or ISC2 Certified Information Systems Security Professional.
• Proficiency with Governance, Risk and Compliance software, such as Archer, DOORS, and RegScale.
• Competency areas from NIST National Initiative for Cybersecurity Education (NICE) Framework, including Access Controls (NF-COM-001), Asset Management (NF-COM-003), Cyber Resiliency (NF-COM-007), DevSecOps (NF-COM-008), Operating Systems Security (NF-COM-009), Operational Technology Security (NF-COM-010), and Supply Chain Security (NF-COM-011).
• Knowledge, skills, and proficiency with tasks associated with roles within NIST NICE Framework, including Cybersecurity Architecture (DD-WRL-001), Secure Systems Development (DD-WRL-004), Systems Requirements Planning (DD-WRL-006), Systems Testing and Evaluation (DD-WRL-007), and Product Support Management (OF-WRL-009).

Due to the nature of the government contract requirements and/or clearances requirements, US citizenship is required.

Navarro is an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender, age, sexual orientation, gender identity, status as a protected veteran, or status as a qualified individual with a disability.

EEO Employer/Vet/Disabled

Annual Salary Range (based on full-time 40 hours per week)

Grade 18: $104,175 - $131,425

Grade 19: $114,475 - $144,325

The grade level offered to the selected candidate will be based on business needs and the candidate's education, training, and/or relevant experience.

In accordance with the Navarro Research and Engineering, Inc (Navarro) salary determination process, Navarro takes into consideration the level of assigned job duties and responsibilities and the candidate’s education, training, and/or experience relative to internal peers and the external labor market. A candidate's salary history will not be used in compensation decisions.

Benefits

Benefits include medical, dental, and vision insurance; short- and long-term disability insurance; pension benefits*; 401(k) retirement savings plan with employer match; life and accidental death and dismemberment (AD&D) insurance; vacation/sick/holiday pay*.

*Based on eligibility rules