SUMMARY

This position is located in the U.S. Nuclear Regulatory Commission’s (NRC), Office of Nuclear Security and Incident Response,
Division of Physical and Cyber Security Policy Branch. The supervisor is Mario Fernandez. This position is Non Bargaining Unit.
This position IS subject to Confidential Financial Disclosure reporting requirements.
This position IS subject to security ownership restriction reporting requirements

INDIVIDUALS WITH DISABILITIES

Individuals who are eligible under Schedule A.

QUALIFICATIONS

In order to qualify for this position, you must have at least one year of specialized experience at the next lower grade level (GG-13) in the Federal Service or equivalent experience in the private or public sector.

The ideal candidate will be able to demonstrate the following:

• Knowledge of and an ability to interpret and apply regulations, policies, guidelines, and procedures related to the operation and inspection or nuclear facilities.
• Knowledge of the theory, principles, and practices in field of security (cyber) with specific knowledge of nuclear power plant digital systems and equipment associated with safety, security, and emergency preparedness functions.
• Demonstrated ability to effectively communicate technical information both orally and in writing.
• Demonstrated ability to develop and implement successful approaches to problem solving, conflict resolution, apply effective decision-making using available information and risk insights (risk analyses and reviews).

Specialized experience includes experience where you have demonstrated having experience developing regulations or standards, performing reviews of cybersecurity plans, assessing and/or evaluating high-risk critical systems or digital assets from critical infrastructure sectors (e.g., chemical, communications, manufacturing, dams, defense industrial base, energy, food and agricultural, healthcare, transportation systems, or water and wastewater systems) to determine adverse impact resulting from cyber compromise inspections in at least one of the of the following areas as described above.
A description of how you possess the specialized experience as well as how you meet the qualifications desired in an ideal candidate should be addressed in your resume.

2210 BASIC REQUIREMENTS:

Bachelor’s degree: in one of the following Information Technology, Cybersecurity, Computer Science, Information Systems Management, Computer Programming, Networking, and Cybersecurity Analytics and Operations. A Master’s degree (preferred but not required) in Cybersecurity, Cybersecurity Engineering, Professional Studies in Cybersecurity Analytics and Operations, or any other degree in Cybersecurity or Information Technology.
OR
Combination of education and experience (nuclear industry preferred), college-level education, training, and/or technical experience that furnished (1) a thorough knowledge of networking concepts, network administration, vulnerability management, cybersecurity protections for IT and Operational Technology (OT) such as industrial controls systems (ICS) and/or supervisory control and data acquisition systems (SCADA) (2) a good understanding, both theoretical and practical, of industry standards (e.g. National Institute of Standards and Technology (NIST) or International Organization for Standardization (ISO)) The adequacy of such background must be demonstrated by one of the following:1. Professional registration or certification such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH) Certified Penetration Tester (CPT), COMPTIA Security +, Certified Information Security Manager (CISM), and Certified Information Systems Auditor (CISA).

IF YOU ARE RELYING ON YOUR EDUCATION TO MEET QUALIFICATION REQUIREMENTS:

Education must be accredited by an accrediting institution recognized by the U.S. Department of Education in order for it to be credited towards qualifications. Therefore, provide only the attendance and/or degrees from schools accredited by accrediting institutions recognized by the U.S. Department of Education.
Failure to provide all of the required information as stated in this vacancy announcement may result in an ineligible rating or may affect the overall rating.

The successful candidate will perform the full range of IT Specialist duties.
Such duties include but are not limited to:
1. Acting as engineered systems technical analyst for the review of plant specific critical systems and critical digital assets and to determine adverse impacts including propagating effects from cyber compromise.
2. Providing technical support for the development of cybersecurity requirements and associated regulatory guidance.
3. Gathering and interpreting complex and diverse technical data; analyzes the data and forms recommendations for agency positions related to cybersecurity. Develops technical bases for agency positions related to cybersecurity.
4. Acting as contract project officer and directs contractors in working to support agency cybersecurity regulatory programs.
5. Communicating with external authorities such as the Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI) and other government agencies about cybersecurity activities and events.
6. Conducting cybersecurity risk analyses and reviews and ensures that actions are taken by licensees to address any vulnerabilities identified.
7. Developing and maintains regulatory security documentation, procedures, and other technical documents.
8. Providing responses to cybersecurity inquiries from internal and external authorities.