At BWX Technologies, Inc. (NYSE: BWXT), we are People Strong, Innovation Driven. Headquartered in Lynchburg, Va., BWXT provides safe and effective nuclear solutions for national security, clean energy, environmental remediation, nuclear medicine and space exploration. With approximately 6,400 employees, BWXT has 12 major operating sites in the U.S. and Canada. We are the sole manufacturer of naval nuclear reactors for U.S. submarines and aircraft carriers. Our company supplies precision manufactured components, services and fuel for the commercial nuclear power industry across four continents. Our joint ventures provide environmental remediation and nuclear operations management at more than a dozen U.S. Department of Energy and NASA facilities. BWXT’s technology is driving advances in medical radioisotope production in North America and microreactors for various defense and space applications. Follow us on Twitter at @BWXTech and learn more at www.bwxt.com.
BWXT is currently seeking an Information Systems Security Officer for its Lynchburg, VA location!
The Information Systems Security Officer (ISSO) is responsible for ensuring development and proper implementation of the security controls documented in the System Security Plan (SSP) for all information systems for which the ISSO is responsible at BWXT Nuclear Operations Group-Lynchburg (NOG-L). ISSO is responsible for sensitive networks, national security systems that support the business, special purpose, and security functions. The ISSO provides certification documentation to the NOG-L Information Systems Security Manager (ISSM) for all information system accreditations, and performs other duties as required to implement the Cyber Security programs necessary to support U.S. Government regulatory requirements, (DOE/NNSA, NRC, etc.).
- Ensure implementation of protection measures documented in the SSP for each information system for which they are the ISSO.
- Maintain the SSP and associated artifacts, including risk assessments, privacy impact assessments, vulnerability assessments, plans of action, and milestones POA&Ms, etc.
- Ensure that security controls for information system resources are based on the least privilege principle.
- Develop alternative solutions to mitigate risk when the most desirable security controls cannot be fully implemented.
- Identify unique threats to information systems for which they are responsible in coordination with the ISSM, and document in the SSP.
- Provide technical assistance with the initial set-up, secure deployment, and proper management of systems that support information security including virus detection, application whitelisting, centralized logging, data loss prevention, and intrusion detection systems.
- Perform risk assessments and tests of new technology platforms and lead the implementation of standard security configurations (ex: DISA STIG, CIS Benchmarks, etc., prior to production deployment).
- Utilize vulnerability assessment software and related tools to immediately highlight errors in systems configuration; the need for the update of software with fixes and patches, and other security related changes.
- Ensure the implementation of procedures as defined in the Cyber Security Risk Management Plan (CSRMP) and the SSP for each information system for which they are the ISSO.
- Serve as an active member of the Cyber Security Incident Response Team CSIRT, and participate in security incident response efforts by directing first responders to triage an event and performing advanced response actions for escalated events.
- Ensure that information access controls and cyber protection measures are implemented for each information system as described by the SSP.
- Ensure that users and System Administrators are properly trained in information system security by identifying cyber security training needs and the personnel who need to attend the cyber security training program.
- Support awareness training of the workforce on information security standards, policies, and best practices.
- Conduct cyber security reviews and tests to ensure that cyber security features and controls are functioning and effective.
- Perform administration of the centralized logging platform, develops custom dashboards to monitor security status of the environment, and produces periodic reports of key performance indicators and key risk indicators to support Cyber Security metrics at the executive and operational levels.
- Redesign and reengineer internal information handling processes so that information is appropriately protected from a wide variety of problems including unauthorized disclosure, unauthorized use, inappropriate modification, premature deletion, and unavailability.
- Develop technical documentation describing the deployment, configuration, management of shared, networked, and multi-user information security systems.
- Consistently attends conferences, professional association meetings, and technical symposia to remain aware of the latest information security technological developments.
- A Bachelors degree in a related Information Technology field or 5 years of related experience.
- Prior relevant experience includes performing risk assessments, developing security plans, implementing DISA STIGs, and developing standard security configuration guides or similar technical products.
- Must have advanced technical skills and experience with the following: splunk administration, network intrusion detection system (IDS) administration, active directory, group policy objects, anti-virus administration consoles, Data Loss Prevention (DLP) systems, Microsoft Windows operating systems, Linux operating systems, advanced cyber security toolkits, malware analysis, penetration testing, and digital forensics tools.
- Must have an understanding of open-source and other tools to assist in detection, prevention and analysis of security threats.
- Must have a working knowledge of system functions, cyber security policies, and cyber security protection requirements.
- Must have excellent communications skills, especially technical report writing; candidates are encouraged to submit a sample of a technical report authored by the candidate.
- Must hold or be able to obtain a relevant active information security certification, such as GSEC, CEH, CISSP, CISA, GCIH, OSCP, etc.
- Must be able to maintain confidentiality when working with sensitive information.
- Must be able to obtain and maintain a DOE Q clearance.
- Must be a U.S. citizen with no dual citizenships.
Applicants selected will be subject to a Federal background investigation and must meet eligibility requirements for access to classified information or matter. Position requires U.S. citizenship with (no dual citizenship) ability to obtain and maintain a Department of Energy (DOE) security clearance which involves an extensive criminal and financial background investigation, drug test and previous employment reference verifications.
BWXT supports diversity and is committed to the concept of Equal Employment Opportunity. We have established procedures to ensure that all personnel actions such as recruitment, compensation, career development, benefits, company-sponsored training and social recreational programs are administered without regard to race, color, religion, gender, national origin, citizenship, age, disability or veteran status.