Troops to Energy Jobs

Job Information

Tennessee Valley Authority Specialist, Cybersecurity Governance - 509649 in CHATTANOOGA, Tennessee

Job ID: 509649 Location: CHATTANOOGA, TN Regular/Temporary:

Responsibilities

Organization: Information Technology

Department: Cybersecurity Governance and Engagement

Location: Chattanooga, Tennessee

Relocation Assistance Offered: Yes, if eligible

Posting Open: 12/4/2019

Posting Close: 12/11/2019 at 11:59pm EST

Salary: Competitive

POSITION PURPOSE:

This person will be accountable for having firm knowledge in a broad range of Information Security disciplines and will educate and drive the implementation and standardization of the TVA enterprise security program. This will involve contributing to the development, maintenance, and implementation of the enterprise security program, and helping to ensure overall achievement of, and compliance with, the security goals, regulatory requirements and company direction. This person will have security compliance experience, focusing on FISMA, CIP, and SOX, and will exhibit excellent written and oral communication skills. This person will bring some industry insight and information security understanding to TVA. The position develops, implements and safeguards TVA cybersecurity practices.

PRINCIPAL ACCOUNTABILITIES:

  • Provide support for the ongoing execution of TVA’s enterprise-wide Federal Information Security Management Act (FISMA) program.

  • Provide support for the development of FISMA System Security Plans (SSPs) for TVA business units.

  • Provide support for determining the appropriate Federal Information Processing Standard Publication 199 (FIPS 199) ratings for key TVA business systems across the enterprise.

  • Provide support in the development of security processes, procedures, and work instructions in support of FISMA requirements.

  • Provide support for control and vulnerability assessments to identify weaknesses and assess the effectiveness of existing controls, and recommend remedial action.

  • Play an advisory role in application development or acquisition projects, to assess security requirements and controls and ensure that security controls are implemented as planned.

  • Provide support for critical projects to ensure that security issues are addressed throughout the project life cycle.

  • Assist in building business cases to establish, grow and change business groups, functions and technologies, and establish, develop and grow the information security, risk and compliance operational security program.

  • Coordinate with Cybersecurity Operations staff to inter-connect governance needs and operational activities, to include vulnerability assessments and related mitigation activities.

  • Support the development of security architecture and security policies, principles and standards.

  • Assist in the development of standard awareness and overall education/outreach programs related to information security and establish a mechanism to monitor and measure Information Security Risk understanding and maturity level.

  • Recommend security configuration and operations standards for security systems and applications, including policy assessment and compliance tools, network security appliances, and host-based security systems.

  • Recommend and validate baseline security configurations for operating systems, applications, networking and telecommunications equipment.

  • Support internal/external audits and remediation of findings.

  • Provide support to incident investigations. Identify the findings and associated mitigation and ensure they are implemented in a timely fashion. Take these findings and incorporate them into long-term remediation/prevention efforts.

MINIMUM REQUIREMENTS:

Education — A Bachelor’s Degree in computer science, engineering or a related field of study; or equivalent education, training & experience.

Experience — Five or more years of current and hands-on Information Technology experience protecting electronic and information-based assets through efforts related to governance, operational security or audit. FISMA, CIP, and SOX experience is highly desired. Audit/Investigations experience is highly desired.

Certification/License, etc. — CISSP, CISM, CISA, CPP, CAP or equivalent preferred.

Knowledge/Skills/Abilities — Broad knowledge of business functions and related security needs. Must stay familiar with Federal laws, regulations, and industry best practices for security strategies and technology. Basic knowledge of FISMA programs and related requirements. Basic experience with CIP and SOX compliance. Excellent ability to research, evaluate and recommend technical solutions. Ability to develop plans and execute complex efforts involving application of advanced technological knowledge. Must demonstrate tact and effective judgment dealing with confidential/sensitive material. Ability to obtain and maintain Secret security clearance required. Candidate may be required to obtain and maintain a security clearance based on position / access requirements and essential job functions.

Equal Employment Opportunity

TVA values and embraces diversity. We encourage all individuals to apply regardless of race, color, national origin, ethnicity, gender, sex, abilities/disabilities, sexual orientation, religion, veteran status and age. We strive to be inclusive of all the people we serve across the Valley.

TVA is an Equal Opportunity employer and complies with all applicable laws and regulations regarding equal employment opportunities. Any applicant or employee who believes s/he has a discrimination claim (including harassment or retaliation) must contact TVA’s Equal Opportunity Compliance office within 45 calendar days of the event or action s/he believes to constitute discrimination, harassment, or retaliation.

Drug-Free Workplace

All TVA Non-Nuclear employees are covered by TVA's Federal Drug-Free Workplace Program Plan, in accordance with Executive Order 12564, Public Law 100-71 and the Mandatory Guidelines for Federal Workplace Drug Testing. Information regarding the Drug-Free Workplace Program can be found at www.samhsa.gov/workplace. TVA Non-Nuclear employees in Testing Designated Positions, including those performing safety-sensitive duties, are also subject to random drug testing. TVA Nuclear employees are subject to random alcohol and drug tests in accordance with 10 CFR Part 26 as mandated by the Nuclear Regulatory Commission (NRC).

How to Claim Vet Preference

If you are a U.S. Military Veteran and would like to be considered a preference-eligible veteran for the purposes of your employment application to TVA, please take the necessary actions outlined in the application process. Please submit your military documents each time you apply for a position.

How to Submit Documentation:

1) Upload documents after you complete the application by clicking Careers Home, Cover Letters and Attachments, and Add Attachment, or

2) Email documents to Veteran@tva.gov
