Information Systems Security Manager

We are seeking a talented Information Systems Security Manager (ISSM) to join the Field Intelligence Element (FIE). The FIE enables Argonne National Laboratory to provide products and services to DOE's Office of Intelligence and Counterintelligence (DOE-IN), the Intelligence Community (IC) and non-IC Federal agencies. Primary roles and responsibilities for the FIE include the management and operation of secure facilities and their associated telecommunications infrastructure for the creation, storage, protection and exchange of classified information, as well as, administration of the Strategic Intelligence Partnership Program (SIPP).

As the ISSM your role will be to lead the ANL FIE's cybersecurity program while championing a culture of security and accountability. It will be your responsibility to acquire and manage the necessary resources to support the organization's technical, administrative, and organizational information security goals in order to reduce risk and meet Federal compliance requirements.

In this role you will lead efforts to research, plan, implement, assess, and monitor security controls protecting a diverse set of technologies in a classified environment. This role requires a blend of technical knowledge and risk management expertise to effectively operationalize Federal, DOE, and IC information security standards in the execution of a comprehensive information security program. You will also lead efforts in planning, securing, and authorizing new and existing Federal information systems across all stages of the system development lifecycle.

To perform the essential functions of this position, successful applicants must be a citizen or dual citizen from a non-sensitive country to the U.S., which is required to comply with DOE federal regulations and contracts.

Primary Responsibilities:
  • Collaborate with internal and external stakeholders in the implementation, assessment, and ongoing monitoring of Committee on National Security Systems Instruction (CNSSI) 1253 security controls
  • Provide cybersecurity advice and support throughout the IT system lifecycle
  • Communicate the importance of IT security, promote awareness of security issues, and educate project teams on relevant CNSS and IC requirements
  • Supervise and report on all phases of incident response activities
  • Oversee the organization's vulnerability management program
  • Conduct manual security assessments of IT systems at all layers of the technology stack
  • Prepare documentation at each step of the Risk Management Framework (RMF) process in pursuit of an Authority to Operate (ATO) for a variety of systems and networks
  • Oversee the information security training and awareness program
  • Prepare, distribute, and maintain information security plans, instructions, guidance, and standard operating procedures

Required Knowledge, Skills and Experience
  • Relevant Bachelor's degree, or equivalent experience, plus at least 5 years of experience in system administration, security engineering, IT assessment, or other cybersecurity-related roles
  • Strong IT background with the ability and desire to learn new technologies
  • Strong oral and written communication skills with technical and non-technical audiences
  • Experience with Federal cybersecurity standards, including NIST SP 800-series, CNSSI 1253, and Intelligence Community Directive (ICD) 503
  • Experience planning and leading ATO efforts for Federal information systems
  • Proficient time management and task prioritization skills, with outstanding attention to detail
  • Self-starter who is able to execute job responsibilities under limited supervision
  • U.S. citizen with an active TS/SCI clearance

Preferred Knowledge, Skills and Experience
  • Master's degree in Cybersecurity, IT Management, or a related field
  • Experience with scripting languages, including Python, BASH, and PowerShell
  • Experience with RMF ATO workflow and automation tools such as eMASS or Xacta
  • Experience assessing, monitoring, and improving the security posture of IT systems
  • Experience writing cybersecurity-related plans and documentation
  • Knowledge of the following:
    • Computer networking concepts and network security methodologies
    • Defense-in-depth security principles at all layers of a technology stack
    • Network, application, and operating system hardening techniques (e.g., DISA STIGs or CIS benchmarks)
    • Current and emerging cybersecurity threats
    • Current and emerging IT and cybersecurity technologies
    • Host and network access control mechanisms
    • Data backups, types of backups, and recovery tools
    • Penetration testing principles, tools, and techniques
    • Incident response and handling methodologies
  • At least one security-focused certification, such as: Security+ CE, CySA+, SSCP, CCNA Security, CAP, CISA, CISM, OSCP, or CISSP
  • At least one OS/technology-focused certification, such as: CCNA, CCNP, MCSA, MCSE, Linux+, RHCSA, or RHCE

The selected candidate will be placed in the appropriate level (PT4 or PT5) depending upon depth and breadth of relevant knowledge, skills, and experience brought to the position. The requirements for the desired levels are as follows:

PT4: Bachelor's degree and 6+ years of relevant experience or equivalent

PT5: Bachelor's degree and 10+ years of relevant experience or equivalent

Position Requirements

Job Family
Professional Technical (PT)

Job Profile
Computing Security 4

Worker Type

Time Type
Full time

As an equal employment opportunity and affirmative action employer, and in accordance with our core values of impact, safety, respect, integrity and teamwork, Argonne National Laboratory is committed to a diverse and inclusive workplace that fosters collaborative scientific discovery and innovation. In support of this commitment, Argonne encourages minorities, women, veterans and individuals with disabilities to apply for employment. Argonne considers all qualified applicants for employment without regard to age, ancestry, citizenship status, color, disability, gender, gender identity, gender expression, genetic information, marital status, national origin, pregnancy, race, religion, sexual orientation, veteran status or any other characteristic protected by law.

Argonne employees, and certain guest researchers and contractors, are subject to particular restrictions related to participation in Foreign Government Sponsored or Affiliated Activities, as defined and detailed in United States Department of Energy Order 486.1A. You will be asked to disclose any such participation in the application phase for review by Argonne's Legal Department.

All Argonne offers of employment are contingent upon a background check that includes an assessment of criminal conviction history conducted on an individualized and case-by-case basis. Please be advised that Argonne positions require upon hire (or may require in the future) for the individual be to obtain a government access authorization that involves additional background check requirements. Failure to obtain or maintain such government access authorization could result in the withdrawal of a job offer or future termination of employment.

Please note that all Argonne employees are required to be vaccinated against COVID-19. All successful applicants will be required to provide their COVID-19 vaccination verification as a condition of employment, subject to limited legally recognized exemptions to COVID-19 vaccination.

Chicago, IL