Analysis Skills, Best Practices, Communication Skills, Computer Engineering, Computer Networks, Computer Science, Computer Security, Computer Systems, Continuous Improvement, DOE Clearance, DOE-Q (Top Secret Restricted Data), Documentation, Environmental Management, Gap Analysis, Information Technology & Information Systems, Information/Data Security (InfoSec), Internet Security, Maintain Compliance, Mentoring, Network Security, Procedure Implementation, Regulations, Regulatory Requirements, Research Skills, Risk Management, Risk Management Framework (RMF), Security Analysis, Software Engineering, Support Documentation, Team Player, Technical Support, Technical Writing, U.S. National Institute of Standards and Technology (NIST), United States Department of Energy (DOE), Writing Skills
Location: Aiken, SC
Work Location: Savannah River Site (SRS)
Schedule: Full-Time | Onsite with limited telework
Clearance Requirement: Ability to obtain and maintain DOE Q Clearance
Position Overview
EGS is seeking an Associate Computer Security Engineer ? Common Controls & RMF Compliance to support cybersecurity governance, Risk Management Framework (RMF) implementation, and common control activities at the Savannah River Site.
This position is ideal for an early-career cybersecurity professional interested in cybersecurity governance, compliance, technical documentation, and NIST-based security programs. The selected candidate will support implementation and maintenance of NIST RMF requirements and enterprise common control boundaries within a highly regulated DOE environment.
The successful candidate will work closely with experienced cybersecurity personnel and receive mentorship related to Department of Energy (DOE), National Nuclear Security Administration (NNSA), and Environmental Management (EM) cybersecurity standards, governance processes, and regulatory requirements.
Responsibilities
RMF & Common Controls Support
- Assist with implementation and maintenance of NIST Risk Management Framework (RMF) activities
- Support development, documentation, and maintenance of enterprise common control implementations
- Participate in RMF lifecycle activities including:
- System categorization
- Control selection
- Control implementation
- Security assessment
- Authorization support
- Continuous monitoring
- Support cybersecurity governance and compliance initiatives across the enterprise
Documentation & Research
- Prepare and maintain cybersecurity documentation including control implementation summaries, procedures, and security artifacts
- Conduct research related to NIST guidance, DOE/NNSA directives, cybersecurity policies, and industry best practices
- Assist with development and updates to cybersecurity procedures and compliance documentation
- Support internal assessments, gap analyses, and compliance reviews
Collaboration & Technical Support
- Collaborate with cybersecurity teams and senior technical staff to ensure consistent implementation of cybersecurity requirements
- Assist with cybersecurity governance and policy alignment activities
- Support continuous improvement initiatives related to cybersecurity compliance and risk management
- Stay current with evolving cybersecurity frameworks, standards, and regulatory environments
- Communicate effectively with technical and non-technical stakeholders
Required Qualifications
Education & Experience
One of the following combinations is required:
- Bachelor's degree in Information Technology, Computer Science, Cybersecurity, Computer Engineering, Software Engineering, or related discipline
- Non-technical Bachelor's degree with 2+ years of related experience
- Associate's degree in IT-related field with 2+ years of related experience
- Non-technical Associate's degree with 4+ years of related experience
- High School Diploma/GED with 6+ years of equivalent experience
Required Skills
- Basic understanding of cybersecurity principles, protections, and frameworks
- Foundational knowledge of computer systems, networking, and information security concepts
- Strong written communication and technical composition skills
- Strong analytical and research capabilities
- Ability to learn and adapt to complex cybersecurity requirements and regulatory environments
- Ability to work effectively within a collaborative team environment
- Ability to work onsite with limited telework availability
Preferred Qualifications
- Exposure to NIST SP 800-series guidance or NIST RMF processes
- Familiarity with cybersecurity governance, compliance, or technical documentation activities
- Understanding of RMF lifecycle components including categorization, control implementation, assessment, authorization, and continuous monitoring
- Experience supporting cybersecurity compliance initiatives or internal assessments
- Previous DOE, federal, defense, or nuclear industry experience
- Active DOE Q or L Clearance preferred
Security Requirements
- Must be able to obtain and maintain a DOE Q Clearance
- Active DOE clearance preferred but not required to start
- Subcontractor must maintain active eFOCI registration and approved Facility Clearance with DOE/NNSA
Work Schedule
This position follows a standard 40-hour work week. Various work schedules may be utilized including:
- 5/8 Schedule
- 4/10 Schedule
- 9/80 Schedule