This position is posted for internal candidates only, if no internal candidate is identified we will open the post to the public.
Job Description
Reporting to the GLE Information Security Manager, the GLE Information Technology (IT) Manager is responsible for overseeing GLE’s IT systems and infrastructure and leading the IT team members in developing, administering, and ensuring the compliance of GLE’s cybersecurity programs to meet or exceed the federal regulations governing the protection of company’s unclassified and classified information systems and classified matters.
Roles And Responsibilities•Lead and oversee all aspects of GLE’s Information Technology programs for unclassified and classified IT systems, information security, IT procurements, and related tasks
•Work with Engineering, Operations, and other internal business units to gather requirements, research, evaluate, plan, deploy, and support enterprise software platforms to fulfill the Company’s business objectives
•Manage and maintain highly resilient, high-performance, scalable, and flexible classified and unclassified information systems
•Implement effective corporate and classified matter information system security programs to drive risk reduction and compliance
•Drive information system security risk reduction and continuous improvement projects by identifying, prioritizing and implementing appropriate corrective and preventive actions
•Develop and implement drills to demonstrate information system security capability and effectiveness
•Maintain and ensure Company information systems compliance in accordance with US Government requirements, specifically with respect to the Company’s FOCI Mitigation Plan, Company Security Agreement, SPPP, PCSP, and other related plans and procedures
•Plan, recommend, and evaluate informational security and business continuity measures for operational environments and/or information systems to safeguard information
•Review and provide oversight of information system vulnerabilities for security risks and propose and implement risk mitigation strategies
•Ensure appropriate security controls are in place that will safeguard electronic data and virtual electronic infrastructure
•Develop and oversee execution of comprehensive information system security policies, guidelines, and procedures
•Oversee response to information system security breaches and viruses
•Working with the Information Security Manager to develop the IT department budgets
•Ensure that IT department strategies and processes adequately support the Company objectives while maintaining safety, security, and regulatory compliance
•Ensure appropriate levels of industry certifications and training are maintained for all IT staff
Other Responsibilities
•Establish and maintain a collaborative relationship with regulatory organizations and stakeholders
•Maintain effective, timely communication with regulatory agencies
•Undertake from time to time any other responsibilities consistent with the incumbent’s skills, qualifications, and experience level
Requirements
•Must possess an active US NRC/DOE Q-clearance or equivalent (DOD Top Secret)
•Basic industry certifications in information security (g., Sec+, etc.)
•Advanced industry certifications in information security (g., CISM, CISSP, SSCP, CCSP, CEH, etc.), must have or obtain within 6 months
•Detailed working knowledge of NIST Standards (e.g., 800-53, 800-82, 800-171) and CNSSI 1253
Basic Qualifications, Education, And Experience
•Bachelor’s degree or relative experience in information technology, science, engineering, or security-related field
•At least eight (8) years of experience installing physical servers, Storage Area Networks (SAN), and workstations
•At least eight (8) years of experience creating and deploying virtual environments
•At least eight (8) years of troubleshooting hardware and software errors by running diagnostics, documenting problems and resolutions, prioritizing problems, and assessing impact of issues
•At least five (5) years of experience overseeing or administering information technology programs under the purview of the US DOE, NRC, or DOD
•At least five (5) years of experience working with regulatory/federal agency representatives, facilitating regulatory inspections, and administering regulatory documentation
•Experience and familiarity with the 10CFR95 (Facility Security Clearance and Safeguarding of National Security Information and Restricted Data)
•Experience and familiarity working under US NRC regulations pertaining to classified matter protection programs
•Experience and familiarity overseeing information security and cybersecurity programs as well as the administration and maintenance of classified computing networks
•Experience in the nuclear and/or uranium enrichment industry
•Experience and familiarity overseeing information security and cybersecurity programs as well as the administration and maintenance of classified computing networks
•Proficient in Microsoft Office products including Outlook, Excel, and Word
Desired Qualifications
•Advanced degree in information technology, business, engineering, or security-related field
•Experience and familiarity working under US NRC regulations pertaining to classified matter protection programs
•At least two (2) years of experience working in a classified matter protection program
•Familiarity with NRC regulations regarding special nuclear material
•Experience in the nuclear and/or uranium enrichment industry
•Experience overseeing or administering classified matter protection programs for research and development programs (e.g., at a national laboratory or similar)
•Familiarity with NRC regulations regarding special nuclear material
Competencies
•Demonstrated experience (+ years) working in or around classified programs
•Strong business acumen with ability to foresee and balance the impact of security protocols on the Company’s technology development, business operations, and external communications
•Excellent communication and presentation skills, ability to influence stakeholders and build trust with customers, managers, and team members
•Ability to sift through complex information and focus on critical priorities
•Well-developed planning and organization skills with acute attention to detail
•Demonstrated ability to anticipate and solve complex problems beyond the scope of the role
•History of delivering on commitments, with a proven track record of overcoming obstacles
•Ability to interface effectively with operational and regulatory authorities in a matrix organization
•High energy and ability to motivate others