Cyber Security Specialist

Be the Difference

Astrion offers comprehensive services that boost preparedness, optimize performance, and ensure success across various domains, from Cyber to Digital, Mission and Systems, servicing our nation's Civilian, Defense and Space communities. We support customers with Centers of Excellence in Washington DC, Huntsville, AL and Burlington, MA with an additional 36 locations across the U.S.

Astrion has an exciting opportunity for a Cyber Security Specialist for the NRC - CRSPDSS, supporting the Civilian Division.

JOB DETAILS

LOCATION: Remote (base location for travel will be Rockville, MD

JOB STATUS: FT or PT

TRAVEL: 30%

REQUIRED QUALIFICATIONS / SKILLS

• BA/BS degree required in information systems, computer science, or related fields preferred.
• 5+ years of experience required
• Must have at least one advanced cyber security certification, such as CISSP, CEH, CISM, CISA, or CRISC. Any certification on the DOD 8570 matrix will be sufficient. The following link provides the certification matrix:
• Security Clearance Level: NRC Suitability

DESIRED QUALIFICATIONS / SKILLS

• Experience working with a risk management framework (e.g., NIST SP 800-37, ERM framework).
• Experience performing cyber security inspections on operational technology and/or performed audits or assessments based on a well-known cyber security framework (e.g., NIST 800-53 and 800-82, NEI 08-09 and 13-10, SOC2, HIPPA, COBIT) in the last five years.
• Experience with the cyber analysis of ICS and/or SCADA.
• Experience with training a group of individuals on cyber subjects.
• Thorough understanding and implementation of federal cyber security frameworks (e.g., FISMA and RG 5.71).
• Experience with independently interpreting configuration files produced by network devices (i.e., Firewalls, IDS/IPS, SIEM, Log Forwarders, etc.) and other components.
• Experience independently reviewing security logs from operating systems and network security devices.
• Experience independently evaluating network defensive architectures, threat detection, and mitigation strategies.
• Knowledge of TCP/IP and networking concepts with emphasis on cyber awareness.
• Experience with the analysis of vulnerabilities and CVE concepts.
• Experience writing and evaluating technical reports and solicitations.
• Have a willingness to learn to develop inspection expertise.
• Be able to work with little supervision while on site.
• Have excellent verbal and writing skills.
• Ability to work with a wide range of stakeholders and values teamwork.
• Timeliness is crucial.

RESPONSIBILITIES

The primary responsibility will be to support cyber security inspections at nuclear power plants across the country validating whether the licensees Cyber Security Program meets NRCs 10 CFR 73.54, Protection of Digital Computer and Communications Systems and Networks, rule. These inspections are conducted onsite for one week and the remainder of the work will be performed remotely unless required otherwise. Tasks may include the following:

• Performing analysis and research, developing supporting documentation, providing technical input on NRC regulatory guides.
• Advise government inspectors and stakeholders on applying an approved cyber security framework.
• Assist the Government in the identification of shortcomings, inconsistencies, and conflicts encountered during a cyber security evaluation of a public utility.
• Make recommendations for improvements on Government cyber security practices, standards, and guidance while keeping informed of ongoing threats and vulnerabilities.
• Assist government inspectors in the overall planning of information gathering logistics, technical reports, and execution plans.
• Verbally express technical concepts to Government clients and stakeholders involved in enterprise security information forums.
• Collaborate with other cyber analysts to create a unified method of assessment and analysis.
• Additional responsibilities include providing support during the rulemaking process, revisions to regulatory guidance, and other associated cyber security related activities.

What We Offer

• Competitive salaries
• Continuing education assistance
• Professional development allotment
• Multiple healthcare benefits packages
• 401K with employer matching
• Paid time off (PTO) along with a federally recognized holiday schedule

Who We Are

At Astrion, we innovate, elevate, and shape the world of tomorrow. At our core is our purpose to Be the Difference. This means we encourage our employees to take action and be the driving force for positive change. We foster an environment where innovative solutions flourish and our company continuously evolves.

We have a culture of care, empathy, and making a tangible difference within our organization and communities. We embrace continuous learning, growth, and innovation, and pushing the boundaries of whats possible. We promote collaboration and empowering our teams is at the core of our success.

Join Astrion and Be the Difference in your career and the world!

Astrion is an Equal Employment Opportunity/Affirmative Action Employer. We provide equal employment opportunities to all employees and applicants for employment and prohibit discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.