Logo
Nuclear Regulatory Commission

Sr. IT Specialist (ISSM) (Government Wide)

Nuclear Regulatory Commission, Rockville, Maryland, 20849


Summary This position is located in the Office of the Chief Information Officer (OCIO), Cybersecurity and Infrastructure Security Division (CISD), Information Assurance & Oversight Branch (IAOB). The supervisor is Katie Harris. This position is Non Bargaining Unit. This position IS subject to Confidential Financial Disclosure reporting requirements. This position IS subject to security ownership restriction reporting requirements. Responsibilities The successful candidate will perform the full range of Sr. IT Specialist (ISSM) duties. Such duties include but are not limited to: 1. Serves as the Federal Risk and Authorization Management Program (FedRAMP) Point of Contact for OCIO and as the liaison for the Agency and maintains an account with FedRAMP systems. Regularly meets and provides updates to the Chief Information Security Officer (CISO). 2. As a recognized IT technical authority, works with office and division management and staff within the office, and management and staff in other program offices, to coordinate OCIO's acquisition and use of information technology in line with IT modernization goals. Supports efforts to expand the NRC’s cloud footprint. 3. Demonstrated skill in planning and leading IT systems projects, resolving security problems, and advising senior management on security issues and new developments. 4. Develops and prepares FISMA certification and accreditation documentation, or reviews documentation developed by contractors, in accordance with NIST guidance documents and NRC guidance documents to ensure compliance with Federal IT security laws, regulations, standards, and guidelines. 5. Organizes and leads System Owner Briefings and presents recommendations for resolution of issues to management. Communicates, both orally and in writing, with a variety of audiences to support assigned activities, presents results of analyses, and achieves Office goals. 6. Serves as an ISSM for one or more major IT systems. Oversees the development, implementation, and testing of security plans and proactively plans to mitigate cyber-security risk to systems. Serves as a Sr. Representative to other ISSMs within OCIO and provides additional information and details as needed. Provides guidance and additional details to questions or concerns. Serves as the central contact with other offices and IT system owners and provides leadership to other ISSMs outside of OCIO. 7. Serves as an interagency ISSM representative and participate in associated forums. Works with OCIO system owners and IT security staff at all levels to ensure adequate security controls are being implemented, that risks are documented and managed, and that security issues are addressed at the appropriate organizational level. Conducts High Value Asset assessments to identify critical areas of cybersecurity weakness and develop plans to remediate those weaknesses. Requirements Conditions of Employment U.S. Citizenship Required This is a Drug Testing position. Background investigation leading to a clearance is required for new hires. You must meet the qualifications for this position by no later than 30 calendar days after the closing date of this announcement and before placement in the position. Qualifications In order to qualify for this position, you must have at least one year of specialized experience at the next lower grade level in the Federal service or equivalent experience in the private or public sector. The ideal candidate will be able to demonstrate the following: 1. Demonstrated knowledge of and experience with the Federal Risk and Authorization Management Program (FedRAMP) System. 2. Demonstrated knowledge of and experience planning and leading IT systems projects. 3. Demonstrated knowledge and experience developing, implementing, evaluating, and improving processes for IT policy and implementation aligned to all applicable Federal IT security laws, regulations, standards, and guidelines in support of IT modernization. 4. Demonstrated knowledge of and experience applying the principles and methods of computer security and compliance programs as required by the Federal Information Security Management Act (FISMA) and National Institute of Technology and Standards (NIST) security policy, standards, procedures and guidelines. 5. Demonstrated ability and experience in writing clearly and making logical oral presentations to effectively convey detailed information of a technical or policy nature to colleagues, peers, and senior management officials. SPECIALIZED EXPERIENCE is defined as: A minimum of 5 years in an Information Systems Security Manager (ISSM) Role that demonstrates experience applying Federal Information Security Modernization Act (FISMA) requirements and National Institute of Standards & Technology (NIST) publications. Familiarity with complex, hybrid cloud environments and Supply Chain Risk Management experience is a plus. Education You must include an unofficial or official copy of your college and/or university transcripts with your application. Transcript must include the School Name, Student Name, Degree and Date Awarded (if applicable). Education must be from an accredited (or pre-accredited) college or university recognized by the U.S. Department of Education. If you are qualifying based on foreign education, you must submit proof of credibility of education as evaluated by a credentialing agency. If you have multiple degrees (e.g., BS, MS, PhD) please submit transcripts for each degree. Applicants can verify accreditation at the following website: https://www.ed.gov/accreditation. Additional Information The duty location of this position is Rockville, MD. In general, employees are expected to be in the office at a minimum of 4 days per pay period. Telework schedules, including full-time telework, are approved, on a case-by-case basis. If selected, telework will be determined in accordance with Agency policy and the Collective Bargaining Agreement, if applicable.