Job Specifications
Job Description
Mission Support and Test Services, LLC (MSTS) manages and operates the Nevada National Security Site (NNSS) for the U.S. National Nuclear Security Administration (NNSA). Our MISSION is to help ensure the security of the United States and its allies by providing high-hazard experimentation and incident response capabilities through operations, engineering, education, field, and integration services and by acting as environmental stewards to the Site’s Cold War legacy. Our VISION is to be the user site of choice for large-scale, high-hazard, national security experimentation, with premier facilities and capabilities below ground, on the ground, and in the air. (See NNSS.gov for our unique capabilities.) Our 2,750+ professional, craft, and support employees are called upon to innovate, collaborate, and deliver on some of the more difficult nuclear security challenges facing the world today.
MSTS offers our full-time employees highly competitive salaries and benefits packages including medical, dental, and vision; both a pension and a 401k; paid time off and 96 hours of paid holidays; relocation (if located more than 75 miles from work location); tuition assistance and reimbursement; and more.
MSTS is a limited liability company consisting of Honeywell International Inc. (Honeywell), Jacobs Engineering Group Inc. (Jacobs), and HII Nuclear Inc.
Responsibilities
MSTS is seeking a candidate for the role of Policy and Governance Cyber Security Analyst II for the Global Mission Communications Programs (GMCP), Emergency Communications Network (ECN) Cybersecurity Department. The ECN provides global communications on behalf of DOE/NNSA using mobile technology, to include satellites and additional services such as video-teleconferencing.
Key Responsibilities
Serve as a Cyber Security Analyst for the Emergency Communications and Services Division (ECSD), Emergency Communications Network (ECN) Cyber Security Department located at the Remote Sensing Laboratory, Nellis (RSLN) on Nellis Air Force Base in Nevada.
Perform work of limited scope and basic complexity, taking direction from more senior staff.
Assist in researching, compiling, and analyzing technical data by applying knowledge of technical principles, theories, standards, practices, and procedures.
Assist the ISSM and ISSOs with the execution of their assigned duties.
Assist with data calls, FISMA reporting, compliance scanning and reporting, continuous monitoring and compiling reports for auditors.
Assist with the coordination, management, and reporting of Plan of Action and Milestones and Corrective Action Plans.
Performs Security Test and Evaluations of information systems in support of a security plan.
Writes basic information system security plans (ISSPs) for unclassified systems.
Completes assessment and authorization of information systems on unclassified and classified systems and networks, assists with the completion and mitigation of security testing and evaluations results.
Participate in incident response teams to detect, respond to, contain and remediate cyber threats.
Support forensic/incident response activities and may monitor intrusion detection/prevention systems (IDS/IPS), security incident and event management (SIEM) tools, endpoint security tools, email gateways, firewalls, and network infrastructure.
Review current Cyber Security threat and assists the Threat Evaluation Team with mitigating vulnerabilities identified.
Identify, report, and assist in the remediation of Cyber Security threats and vulnerabilities.
Participates in the discussions on the architecting of networks and systems with a security focus, ensuring systems are developed in accordance with federal law, customer requirements, assessment and authorization requirements, and industry best practices.
Reviews purchase requests for technology items and provides input to senior level Cyber Security staff regarding the risk associated with purchases.
Collaborates with other outside Cyber Security interests such as Counterintelligence, other DOE sites, US-CERT, and law enforcement.
Conducts a variety of Cyber Security policy compliance tasks such as discovering unauthorized devices, conducting site surveys for non-compliance, and ensuring network access requirements are met.
Reviews security configuration reports for compliance with approved enterprise or ECN baselines or hardening guides.
Assists with attaining authorizations to connect expansion ECN nodes.
Reviews engineering change requests and provide security considerations and conditions for cyber approval.
Duties will include the development, implementation and management of the Cyber Security Program (CSP) and the development and implementation of the Risk Management Framework (RMF) as it applies to ensuring the confidentiality, integrity, availability and privacy of all categories of data in all forms throughout the data life cycle. As a cyber security point of contact for the Policy and Governance team,