Title                             INFORMATION SECURITY(5263850)
Location: Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â CHATTANOOGA TN 37402-2801
Duration:Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â 12 month(s)
Hours: Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â 8:00am to 5:00 pm
Job Description
- THIS PERSON WILL BE ACCOUNTABLE FOR HAVING FIRM KNOWLEDGE IN A BROAD RANGE OF INFORMATION SECURITY DISCIPLINES AND TO EDUCATE AND DRIVE THE IMPLEMENTATION AND STANDARDIZATION OF THE TVA ENTERPRISE SECURITY PROGRAM. THIS WILL INVOLVE CONTRIBUTING TO THE DEVELOPMENT, MAINTENANCE, AND IMPLEMENTATION OF THE ENTERPRISE SECURITY PROGRAM, AND HELPING TO ENSURE THE OVERALL ACHIEVEMENT AND COMPLIANCE WITH THE SECURITY GOALS, REGULATORY REQUIREMENTS AND COMPANY DIRECTION. THIS PERSON WILL BRING BASIC INDUSTRY INSIGHT AND INFORMATION SECURITY UNDERSTANDING TO TVA. PERFORMS CONTROL AND VULNERABILITY ASSESSMENTS TO IDENTIFY WEAKNESSES AND ASSESS THE EFFECTIVENESS OF EXISTING CONTROLS, AND RECOMMENDS REMEDIAL ACTION
- REPORTS TO INFORMATION SECURITY MANAGEMENT CONCERNING RESIDUAL RISK, VULNERABILITIES AND OTHER SECURITY EXPOSURES, INCLUDING MISUSE OF INFORMATION ASSETS AND NONCOMPLIANCE
- PARTICIPATE IN PROJECT REVIEWS, INCIDENT DEBRIEFS AND EVALUATION (SUCH AS AUDIT) REVIEWS TO UNDERSTAND THE ISSUES AND GAPS, FACTOR INTO CONTINUOUS IMPROVEMENT AND ALTER/ENHANCE THE EDUCATION AND COMMUNICATION PLANS.
- PLAYS AN ADVISORY ROLE IN APPLICATION DEVELOPMENT OR ACQUISITION PROJECTS, TO ASSESS SECURITY REQUIREMENTS AND CONTROLS AND ENSURE THAT SECURITY CONTROLS ARE IMPLEMENTED AS PLANNED
- COLLABORATES ON CRITICAL IT PROJECTS TO ENSURE THAT SECURITY ISSUES ARE ADDRESSED THROUGHOUT THE PROJECT LIFE CYCLE
- ASSIST IN BUILDING BUSINESS CASES TO ESTABLISH, GROW AND CHANGE BUSINESS GROUPS, FUNCTIONS AND TECHNOLOGIES AND ESTABLISHES, DEVELOPS AND GROWS INFORMATION SECURITY, RISK AND COMPLIANCE OPERATIONAL SECURITY PROGRAM CONTRIBUTES TO THE DEVELOPMENT OF SECURITY ARCHITECTURE AND SECURITY POLICIES, PRINCIPLES AND STANDARDS.
- EDUCATION — A BACHELOR’S DEGREE IN COMPUTER SCIENCE, ENGINEERING OR A RELATED FIELD OF STUDY; OR EQUIVALENT EDUCATION, TRAINING & EXPERIENCE.
- EXPERIENCE — FIVE OR MORE YEARS OF CURRENT AND HANDS ON INFORMATION TECHNOLOGY EXPERIENCE PROTECTING ELECTRONIC AND INFORMATION BASED ASSETS. MUST HAVE SIGNIFICANT EXPERIENCE LEADING PROJECTS/TEAMS. AUDIT/INVESTIGATIONS EXPERIENCE IS HIGHLY DESIRED. OPERATING PLANT EXPERIENCE IS HIGHLY DESIRED.
- CERTIFICATION/LICENSE, ETC — CISSP, CISM, CISA, CPP, OR EQUIVALENT PREFERRED.
- KNOWLEDGE/SKILLS/ABILITIES — DEMONSTRATED MANAGERIAL COMPETENCIES IN LEADERSHIP, DELEGATION, ANALYSIS, TEAMWORK, COACHING/DEVELOPMENT, CUSTOMER SERVICE, PLANNING/ORGANIZING, FLEXIBILITY, STRESS TOLERANCE, COMMUNICATION. DEMONSTRATED STRATEGIC AND TACTICAL IT PLANNING. BROAD KNOWLEDGE OF BUSINESS FUNCTIONS AND RELATED EIT SECURITY NEEDS. MUST STAY FAMILIAR WITH FEDERAL LAWS, REGULATIONS, AND INDUSTRY BEST PRACTICES FOR EIT SECURITY STRATEGIES AND TECHNOLOGY. KNOWLEDGE OF IT OPERATIONAL INFRASTRUCTURE INCLUDING DISASTER RECOVERY/BACKUP, DATA MANAGEMENT, AND ABILITY TO DEVELOP/ENSURE SECURITY MEASURES/PROCESSES ARE IMPLEMENTED. EXCELLENT ABILITY TO RESEARCH, EVALUATE AND RECOMMEND TECHNICAL SOLUTIONS. ABILITY TO DEVELOP PLANS AND EXECUTE COMPLEX EFFORTS INVOLVING APPLICATION OF ADVANCED TECHNOLOGICAL KNOWLEDGE. MUST DEMONSTRATE TACT AND EFFECTIVE JUDGMENT DEALING WITH CONFIDENTIAL/SENSITIVE MATERIAL. ABILITY TO OBTAIN AND MAINTAIN SECRET SECURITY CLEARANCE REQUIRED. CANDIDATE MAY BE REQUIRED TO OBTAIN AND MAINTAIN A SECURITY CLEARANCE BASED ON POSITION / ACCESS REQUIREMENTS AND ESSENTIAL JOB FUNCTIONS.
|
|
Job Details:
• Previous work experience in the cyber security field.
• Superior written and oral communication skills.
• Strong understanding of TCP/IP communication and network topologies.
• Vulnerability analysis and remediation using automated tools.
• Extreme attention to detail, with emphasis on accuracy.
• Bachelor’s degree in a computer-related field of study or 2+ years of related work experience.
