Apply on Employer Site

Y-12 National Security Complex · 7 hours ago

Information System Security Officer

Oak Ridge, TN

Full-time

Onsite

Mid, Senior Level, Lead/Staff

8+ years exp

Y-12 National Security Complex is focused on national and global security, and they are seeking an Information System Security Officer (ISSO) to oversee the cybersecurity posture of their information systems. The ISSO will be responsible for implementing security controls, supporting system authorization, and monitoring compliance with cybersecurity standards.

ManufacturingProfessional ServicesSecurity

Growth Opportunities

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Implements and maintains security controls aligned with approved baselines and organizational requirements

Supports system authorization activities, including the development and maintenance of security documentation such as System Security Plans (SSPs) and Plans of Action and Milestones (POA&Ms)

Monitors system security posture and identifies risks, vulnerabilities, and compliance gaps

Tracks and manages POA&Ms and coordinates remediation activities with system stakeholders

Assesses the security impact of system changes and supports configuration and change management processes

Supports continuous monitoring activities, including vulnerability management and security reporting

Serves as a security liaison between system teams, cybersecurity operations, and governance bodies

Prepares systems for security assessments, audits, and Authorizing Official reviews

Qualification

Risk Management Framework (RMF)Security AssessmentAuthorizationCybersecurity principlesNIST 800-53/53A controlsNetwork security methodologiesVulnerability managementCloud compliance experienceSecurity+CEHCISSPAnalytical skillsCommunication skillsTeam collaboration

Required

Bachelor's degree in engineering/computer/mathematics/information technology discipline

Eight or more years of relevant education, training, and/or progressive experience may be considered to satisfy educational and years-of-experience requirements for this posting

Requires a Q clearance; however all qualified candidates will be considered regardless of their current clearance status

The ability to obtain and maintain a Department of Energy Q clearance is required

This position may require entry into the Material Access Areas (MAA) and participation in the Human Reliability Program (10 C.F.R. Part 712), which requires successful competition of a DOE counterintelligence evaluation and may include a counterintelligence-scope polygraph examination

This position may be categorized as a 'designated position' identified by 10 C.F.R. Part 709, requiring successful completion of a DOE counterintelligence evaluation that may include a counterintelligence-scope polygraph examination

CNS is a drug-free workplace. Candidates accepting a job offer will be required to pass a pre-placement physical, drug screening and background investigation

As an employee, you may be required to receive and maintain a security clearance from the United States Department of Energy in order to meet eligibility requirements for access to sensitive information or matter

U.S. citizenship is a requirement for security clearance applicants

All employees are subject to being randomly selected for drug testing without advance notification

Preferred

Knowledge of computer networking concepts and protocols, and network security methodologies

Knowledge of risk management processes (e.g., methods for assessing and mitigating risk)

Knowledge of cybersecurity and privacy principles

Knowledge of cybersecurity threats and vulnerabilities

Knowledge of Security Assessment and Authorization process

Knowledge of Risk Management Framework (RMF) best practices

Ability to present administrative, technical, and operational information clearly and effectively through the oral and written word as well as diagrams and charts

Knowledge of NIST 800-53/53A security controls

Ability to assess and provide written assessments of A&A packages

Experience with RMF in the DOE Community

Security+, CEH Certification or CISSP Certification

FedRAMP and Cloud compliance experience

Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption)

Knowledge of Application Security Risks

Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy

Knowledge of Supply Chain Risk Management Practices (NIST SP 800-161)

Knowledge of Personally Identifiable Information (PII) data security standards

Knowledge of authentication, authorization, and access control methods

Knowledge of database systems

Knowledge of Industrial Control Systems (NIST 800-82)

Knowledge of emerging technologies that have potential for exploitation

Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting)

Benefits

Medical plan

Prescription drug plan

Vision plan

Dental plan

Employer matched 401(k) savings plan

Disability coverage

Education reimbursement

Company

Y-12 National Security Complex

Y-12 National Security Complex is a premier manufacturing facility.

Founded in 1943

Oak Ridge, Tennessee, USA

5001-10000 employees

http://www.y12.doe.gov/

Funding

Current Stage

Late Stage

Leadership Team

Jill A. Armstrong, CFCM

Program Coordinator, Strategic Partnership Projects

Mandy Parks, SHRM-SCP

Human Resources Business Partner

Recent News

Business Wire

Standard Nuclear Executes First-of-Its-Kind Agreement with U.S. Department of Energy to Deploy Advanced Fuel Production Line

2025-12-11

MarketScreener

Nuclear components maker BWX Technologies awarded $1.6 billion HPDU contract

2025-10-01

MarketScreener

These workers built America's nuclear arsenal. Trump paused their medical claims

2025-08-22

Company data provided by crunchbase