Cyber Security Analyst (41111)

**Job Duties/Scope Of Work**

The Sr. Cybersecurity analyst role is critical for evaluating emerging cybersecurity risks, assisting in developing cybersecurity policies and procedures, assessing systems, providing solutions for meeting cybersecurity requirements, and advising the Director of Cybersecurity, Information System Security Manager (ISSM), DOE, and other Information Management (IM) leaders on cybersecurity related matters.

This role encompasses industrial control systems (ICS) and operational technology (OT), as well as the General Support System (GSS). Protection of these systems, information, and the functions they provide are vital to achieving the DOE Environmental Management (EM) and Hanford mission. Dedicated personnel are required to participate in daily operations and properly assess and evaluate systems to ensure that cybersecurity is implemented effectively.

Key Responsibilities And Duties Include

• Develop and maintain comprehensive cybersecurity policies and procedures in accordance with the Federal Information Security Management Act (FISMA) to safeguard information systems and data
• Participate in development and maintenance of System Security Plans (SSP) in accordance with National Institute of Standards and Technology (NIST)
• Ensure compliance with relevant laws, regulations, and standards
• Conduct risk assessments and vulnerability analyses to identify potential security threats and weaknesses to system environments, including ICS/OT, and determine appropriate mitigations
• Operate, coordinate, and execute day-to-day cybersecurity functions, including certification and accreditation planning and activities, continuous monitoring (CM) activities, cybersecurity assessments, data calls, investigations, and liaison activities, working closely with IT and other organizations to integrate cybersecurity into the organization's operations
• Directly participate in change and configuration management oversight activities relevant to accreditation boundaries
• Evaluate products and participate in projects to address and implement cybersecurity supply chain risk management (SCRM) principles and requirements
• Apply cybersecurity requirements and principles in evaluating design and implementation of new and existing systems and support secure operation and maintenance of systems within accreditation boundaries
• Respond to cybersecurity incidents and intrusions, including investigation, mitigation, and ensuring that reporting requirements are met
• Participate in incident response and disaster recovery exercises and events
• Establish and implement corrective action plans, plan of action and milestones (POAMs), as needed to address cybersecurity issues
• Evaluate systems and processes in operation to verify security requirements are implemented effectively
• Monitor cybersecurity report