The Cyber Security Specialist (Apprentice) is an entry-level position that allows the employee to develop and assist with providing cyber security support for the Enterprise Information Services for the Department of Energy Savannah River (DOE-SR), in Aiken, SC. The employee will develop in the fundamentals of Cybersecurity conducting technical analysis and the implementation of security controls, vulnerability management, incident response activities, and risk assessments across the DOE Enterprise.

• Perform Vulnerability Management support including scanning assigned network space for vulnerabilities, notification to owner and personnel accountable, tracking remediation, reporting and validation.

• Perform Security Configuration Management support including research and development of applicable baselines, configuration scanning, and notification to owner and personnel accountable, tracking remediation, reporting and validation.
• Develop and perform Cyber Security Awareness training.
• Maintains awareness of current cyber security information and events.
• Supports security activities within SDLC in accordance with DOE CSP and Risk Management Framework
• Supports DOE Oversight function of site tenant systems and cyber security activities.
• Assist penetration testing, forensic analysis, and incident response activities.
• Assist development and review of security related policy, procedures, standard operating procedures and other program documentation.
• Assist policy, procedure, and program document development and review
• Performs other duties as assigned by Program Manager or DOE Counterpart.
• Attend meetings, training and conferences
• Assist DOE-SR Cyber Security with developing and maintenance of Cyber Lab.
• Develop and perform Cyber Security Awareness training
• Develop outcome-based measures (metrics) to determine the effectiveness and efficiency of the cyber security program and security controls

Knowledge, Skills and Abilities:

• Attention-to-detail is critical, proven ability to look closely at your work to identify and correct errors, spot and improve weaknesses and produce a near-perfect end-result.

• Ability to identify problems, brainstorm and analyze answers, and implement the best solutions.
• Familiarity of applicable regulations affecting Cyber Security and National Institute of Standards and Technology (NIST) 800 Series, Risk Management Framework (RMF), Cyber Security Framework and other GRC Standards.
• Ability to develop and review security related policy, procedures or standard operating procedures and other program documentation.
• Strong written and verbal communications skills.

Clearance:

• Must possess (or be able to obtain) a “Q” level security clearance.

Education:

• Education requirement: Minimum High School diploma or GED

Experience:

• 3 years in IT / IT security experience

Certification:

• Highly desired certifications: SEC+,  CySA+, CEH, GSEC, GCIH
• Other IAT/IAM Level I, II and III Certifications will be beneficial

• Covers 100% of employee benefit premiums, including Medical (PPO or HDHP Option), Vision, Dental

• Matching 401K
• Short- and Long-Term Disability
• Pet Insurance
• Professional Development/Education Reimbursement
• Parking and Transit Benefits for NY, NJ, ATL, and DC Metro areas

Other Duties:

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.