This job posting is no longer available
Senior IT Security Analyst
INPO
- Atlanta, Georgia, United States
About
Essential Functions
Matures INPO's cybersecurity program, aligning governance, controls, and reporting with NIST Cybersecurity Framework 2.0 and NIST AI Risk Management Framework by setting the standard for security at INPO
Refines and maintains IT and security policies, standards, and procedures that operationalize DOE/DOC 810, NRC, and ISO requirements within INPO's compliance environment
Maintains the IT risk register and applies assessment and maturity methods to drive consistent identification, analysis, and mitigation tracking across IT
Ensures IT integrates risk considerations into technology initiatives, architecture decisions, and change management processes
Translates technical risks into executive-level insights that inform prioritization, investment and strategic decisions for the CFO, IT Director, and Senior Leadership Team
Produces monthly metrics and quarterly reports on risk posture, trends, maturity, and recommended actions
Oversees third‑party risk across SaaS, service providers, and supply chain to ensure external relationships meet risk tolerance and contractual/compliance obligations
Coordinates IT audits, regulatory examinations, security awareness training, penetration testing, and independent assessments; drives timely remediation and continuous compliance
Applies security intelligence from Security Operations Center (SOC)/Managed Detection and Response (MDR) vendors to inform actions, assessments and decision‑making
Monitors emerging cyber and AI risks, regulatory changes, and industry best practices for nuclear and critical infrastructure, and updates strategy accordingly
Performs hands‑on configuration, monitoring and system administration of enterprise vulnerability management tools (e.g. Qualys) and Governance, Risk and Compliance (GRC) platforms (e.g. ServiceNow GRC, X‑Analytics)
Performs other duties as assigned
Knowledge, Skills, and Abilities
Translates complex cybersecurity and compliance risks into executive‑level insights for technical and non‑technical stakeholders through advanced communication skills
Demonstrates mastery in IT risk management, cybersecurity frameworks, and regulatory compliance, leading strategic risk initiatives and mentoring teams on risk assessment methodologies
Proven ability to lead cross‑functional teams in risk assessment and compliance initiatives while fostering continuous improvement in risk management practices
Proven ability to deliver timely completion of risk mitigating actions, regulatory assessments and compliance programs
Proven ability to analyze complex risk scenarios, threat intelligence, and compliance information to inform decision‑making and risk mitigation strategies
Maintains strict confidentiality of sensitive cybersecurity intelligence, risk assessments, and regulatory examination findings
Demonstrates mastery in the relevant specialty area, spearheading initiatives, providing mentorship to team members, and championing innovation and strategic enhancements across the organization
Advanced communication skills used to drive organization change initiatives and convey complex ideas and project strategies in a clear and compelling manner to stakeholders
Proven ability to lead and collaborate with diverse teams to achieve common goals, while providing mentorship and guidance to team members, fostering a culture of continuous improvement and excellence
Demonstrated ability to strategically allocate resources to manage a portfolio of programs; prioritizing tasks, meeting deadlines, and proactively mitigating program risks to ensure successful outcomes
Advanced ability to use research, analysis, and stakeholder feedback to influence and execute program strategies while remaining up‑to‑date with industry regulations and compliance standards
Advanced proficiency in solving complex and multifaceted problems using data, trend, and problem analysis to inform decision making improvements to the program portfolio
Exemplifies exceptional ability to seek out and learn from feedback, coaching, and new experiences. Anticipates challenges and leverages learnings to drive strategic innovation and mentor cross‑functional teams
Lead cross‑departmental collaboration efforts to strategically harness collective creativity and drive significant innovation within the organization. Exhibit exceptional communication skills to effectively convey complex ideas and facilitate high‑level discussions. Demonstrate a proven track record of impactful cross‑functional projects, ensuring alignment and synergy among diverse teams
Ability to work and maintain confidentiality of highly sensitive/private information
Education, Licenses, and Certifications Required
High School Diploma or GED
Preferred
Bachelor's degree in cybersecurity, computer science, information technology, information assurance, network engineering or network security, or a related field of study
Certified in Risk and Information Systems Control (CRISC)
Certified Information Security Manager (CISM)
Certified Information Systems Security Professional (CISSP)
Experience Required
Six or more years of professional work experience
Four or more years of experience in risk management, audit, or cybersecurity governance in regulated industries
Preferred
Six or more years of experience in risk management, audit, or cybersecurity governance in regulated industries
Experience developing, implementing, and maturing GRC programs
Nuclear industry or critical infrastructure experience with regulatory compliance requirements
Third‑party risk management experience including vendor assessments and supply chain risk analysis
Executive reporting and stakeholder management experience with C‑suite and Board‑level presentations
Additional Requirements Work Context
Must be able to work prolonged periods of sitting at a desk and working on a computer
Must be able to work under minimal supervision
Must be able to sit, stand, walk, stoop, kneel, crouch, climb, and crawl
Must be able to lift 25 pounds
Must have a US state or territory issued Real ID compliant driver’s license or identification card
Behaviors and Assessments/Additional Requirements
All INPO employees are expected to abide by behavioral expectations as outlined in INPO’s Core Values, Team Effectiveness Attributes, and Leadership Effectiveness Attributes
Employment is dependent upon successfully completing a pre‑employment background check and drug and alcohol test
This position may require obtaining unescorted access status
This position requires direct or indirect access to certain export‑controlled technology, for which INPO may be required to obtain an export license in accordance with applicable U.S. export control laws and regulations. If an export license is required, any offer of employment at INPO for this position is contingent upon receipt of the export license or authorization
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.
Language skills
- English
Note for users
This job posting was published by one of our partners. You can view the original posting here.