EGS is seeking a Cyber Security Program Manager to serve as enterprise cybersecurity support and execution Program Manager for an EPC Nuclear Power ( NRC ) enterprise.
- Analyze, evaluate, and recommend cybersecurity controls for associated systems and subsystems.
- Implement and uphold cybersecurity policies, procedures, and countermeasures.
Researchers, drafts, and provide input regarding information security policies, trusted computing base architecture, and security engineering practices and processes. - Craft cybersecurity documentation; to include but not limited to Interim Authorization to Test (IATT) and Authorization to Operate (ATO).
- Use the Risk Management Framework (RMF) process to provide and develop any necessary system documentation, settings, self-assessments, and specifications required for the favorable accreditation of the RMF packages.
- Implement a security configuration for all hardware and software components of the project to satisfy compliance with the security controls identified in governing documentation.
- Ensure that the standard methodology for installation, operation, maintenance, update, and/or patching of software does not alter the secure configuration settings from the approved configuration.
- Work in concert with internal and external SMEs to design, test and deliver an end state prototype.
- Participate in recurring status meetings and stakeholder discussions.
- Works in concert with both the Engineers and Program Manager to formulate and document security related activities.
Key Responsibilities: - As Program Manager, oversee the monitoring, detection, and response to cybersecurity threats and incidents using tools like Palo Alto Cortex XDR and Microsoft Defender.
- Oversee network traffic analysis and troubleshooting using WireShark and Tcpdump.
- Support the implementation and management of security measures to protect IT infrastructure, applications, and data.
- Oversee and establish regular vulnerability assessments and security audits to ensure compliance with industry best practices and regulatory requirements.
- Collaborate with senior engineers to develop and refine security policies, procedures, and controls in line with regulatory standards.
- Assist in the investigation and documentation of security incidents, providing detailed reports on findings and remediation efforts.
- Oversee security awareness training for staff, helping to educate employees on best practices and emerging threats.
- Stay up-to-date with the latest cybersecurity trends, threats, and technology developments, recommending enhancements to the security posture as needed.
Job Requirements
Requirements: - Bachelor's degree in Computer Science or a related field.
- 12 years+ of experience in cybersecurity, with minimum of 3 years experience with NRC regulations and applications for Cybersecurity.
- Knowledge of tools such as Palo Alto Cortex XDR, Microsoft Defender, WireShark, and Tcpdump
Preferred: - Advanced degree in Cybersecurity
- 5+ years in EPC for the nuclear industry