Cyber Security Analyst (40832)
Hanford Mission Integration Solutions
Richland, WA
JOB DETAILS
JOB TYPE
Full-time, Employee
SKILLS
Analysis Skills, Background Investigation, Best Practices, CISA - Certified Information Systems Auditor, CISM - Certified Information Security Manager, CISSP - Certified Information Systems Security Professional, Certification & Accreditation Process (C&A), Communication Skills, Computer Science, Computer Security, Configuration Management, Control Systems, Corrective Action, Design Evaluation, Detail Oriented, Disaster Recovery, FISMA - Federal Information Security Management Act, Government, Health Education, Homeland Security, Incident Response, Information Technology & Information Systems, Information/Data Security (InfoSec), Internet Security, Leadership, Maintain Compliance, Operational Support, Operations Processes, Operations Security (OPSEC), Presentation/Verbal Skills, Problem Solving Skills, Product Testing, Psychiatry and Mental Health, Regulations, Regulatory Compliance, Risk, Risk Analysis, Risk Management, Security Analysis, Security Attacks, Security Clearance, Security Compliance, Security Monitoring, Supply Chain Management, System Operations, Systems Administration/Management, Systems Maintenance, Team Player, Technical Support, U.S. National Institute of Standards and Technology (NIST), United States Department of Energy (DOE), Writing Skills
LOCATION
Richland, WA
POSTED
4 days ago
Hanford Mission Integration Solutions (HMIS) is seeking a Cybersecurity Analyst in support of implementing a compliant and effective cybersecurity program for the Department of Energy (DOE) Hanford Site. Individuals performing in this role will report to the Director of Cybersecurity/Chief Information Security Officer (CISO) and provide assistance to Information System Security Managers (ISSMs). This role encompasses cybersecurity for General Support Systems (GSS), Industrial Control Systems (ICS), and Operational Technology (OT) environments. Candidates should have experience in implementing cybersecurity for federal information systems and in securing systems, components, and networks that comprise ICS/OT environments. This individual will perform cybersecurity and risk analysis activities supporting oversight of information technology (IT) and OT throughout the Hanford enterprise. This role entails providing leadership and guidance to members of the cybersecurity team in response to ever-changing cybersecurity threats, requirements, and technology, as well as ensuring compliance with relevant laws, regulations, and standards. Candidates may potentially serve as an Information System Security Officer (ISSO), if appointed by DOE after a satisfactory probationary period.
Key responsibilities and duties include:
•Develop and maintain comprehensive cybersecurity policies and procedures in accordance with the Federal Information Security Management Act (FISMA) to safeguard information systems and data
•Participate in development and maintenance of System Security Plans (SSP) in accordance with National Institute of Standards and Technology (NIST)
•Ensure compliance with relevant laws, regulations, and standards
•Conduct risk assessments and vulnerability analyses to identify potential security threats and weaknesses to system environments, including ICS/OT, and determine appropriate mitigations
•Operate, coordinate, and execute day-to-day cybersecurity functions, including certification and accreditation planning and activities, continuous monitoring (CM) activities, cybersecurity assessments, data calls, investigations, and liaison activities, working closely with IT and other organizations to integrate cybersecurity into the organization's operations
•Directly participate in change and configuration management oversight activities relevant to accreditation boundaries
•Evaluate products and participate in projects to address and implement cybersecurity supply chain risk management (SCRM) principles and requirements
•Apply cybersecurity requirements and principles in evaluating design and implementation of new and existing systems and support secure operation and maintenance of systems within accreditation boundaries
•Respond to cybersecurity incidents and intrusions, including investigation, mitigation, and ensuring that reporting requirements are met
•Participate in incident response and disaster recovery exercises and events
•Establish and implement corrective action plans, plan of action and milestones (POAMs), as needed to address cybersecurity issues
•Evaluate systems and processes in operation to verify security requirements are implemented effectively
•Monitor cybersecurity reports from external sources
•Implement government and industry best practices for protection of system environments to achieve and maintain an acceptable level of risk
Basic Qualifications
• BA/BS degree in Computer Science, Information Technology, Cybersecurity or a related field plus 5 years of experience working in information technology/information security, or equivalent combination of education and experience.
• Knowledge of National Institute of Standards and Technology (NIST) standards and requirements for operation of federal information systems.
• Ability to work independently and as part of a team, with high level of attention to detail.
• Excellent written and verbal communication skills.
• Current holder of a DOE "Q" security clearance or the ability to obtain a clearance within one year.
• Ability to obtain and maintain a Personal Identity Verification (PIV) Credential badge.
***Must be able to obtain and maintain a "Q" Clearance. Any offer of employment is contingent on the applicant passing a background investigation. As part of the investigation, Federal investigators will examine many aspects of the applicant's past including: financial and criminal histories, mental and emotional health, education and travel, drug and alcohol usage, personal and organizational relationships, as well as other aspects of the applicant's background.
Note: This position may entail that the selected candidate work (telecommute) remotely, within a commutable distance and in accordance with HMIS procedural requirements.
Desired Qualifications
• Knowledge of cybersecurity principles for protection of industrial control system environments.
• Experience within the last 4 years in implementing cybersecurity.
• Experience within the last 4 years in assessing and managing cybersecurity risk.
• Experience as an Information System Security Officer (ISSO).
• Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), or Certified Information Systems Auditor (CISA).
Compensation & Benefits
Grade 16: $90,150 - $113,550
Grade 17: $99,063 - $124,788
Grade 18: $109,013 - $137,538
HMIS offers a comprehensive benefits package that includes medical/dental/vision, short-and long-term disability, life insurance, 401(k) with employer match, and paid time off. For a full list of benefits please visit our benefits website: https://hmis.hanford.gov/hr/page.cfm/employeebenefits
In compliance with Homeland Security Presidential Directive 12 (HSPD-12) and Department of Energy (DOE) Hanford Field Office (HFO) direction, employees issued initial badges on or after September 1st, 2025, are required to obtain and maintain a HSPD-12 Personal Identity Verification (PIV) Credential. To obtain this credential, new employees must successfully complete and pass a federal background check investigation. This investigation encompasses multiple areas of eligibility and includes a declaration of illegal drug activities, including use, supply, possession, or manufacture within the last year.
About the Company
H