Location: Richland, Washington
Title: Cyber Security Analyst IV - Vulnerability Management
Schedule (FT/PT): Regular Full Time
Travel Required: No
Clearance: Ability to Obtain
North Wind Solutions is a Government contracting small business with operations at military and civilian installations across the United States. The company's focus is facilities operation and maintenance, waste management and radiological services, security control and force protection, and environmental services.
POSITION PURPOSE:
As a Cyber Security Analyst IV specializing in vulnerability management, you will hold a pivotal role in guiding the cybersecurity program at the DOE Hanford Site. You will serve as a thought leader and subject-matter expert in vulnerability management, bringing both strategic perspective and hands-on experience to minimize risk exposure. You will collaborate with senior stakeholders, influence policy development, and lead complex, high-impact governance, risk, and compliance (GRC) initiatives.
Why North Wind Solutions? This role offers a platform to exercise strategic influence in a mission-critical environment. As a Cyber Security Analyst IV, you will shape and refine the vulnerability management function within a high-stakes, regulated setting. Join us and lead the charge in safeguarding vital national infrastructure.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
- Lead Vulnerability Management Strategy: Design, implement, and refine processes for identifying, assessing, and prioritizing vulnerabilities across enterprise systems.
- Advanced GRC Oversight: Oversee governance, risk, and compliance projects, presenting metrics and insights to executive leadership on vulnerability trends and program effectiveness.
- Develop and Maintain Documentation: Establish strategies, standards, policies, and procedures in alignment with DOE and National Institute of Standards and Technology (NIST) requirements, ensuring a robust security posture.
- Risk Assessment & Mitigation: Conduct complex risk assessments tied to emerging threats and vulnerabilities, advising on remediation and mitigation steps.
- Cross-Functional Collaboration: Coordinate remediation efforts with IT, engineering, and business teams, ensuring swift and effective resolution of identified vulnerabilities.
- Audits, Investigations, & Incident Response: Provide senior-level support for audits, data calls, investigations, and incident response activities, maintaining strict adherence to regulatory requirements.
MINIMUM QUALIFICATIONS:
Education and Experience:
- Bachelor's Degree in cybersecurity, computer science, or a related field, and 8+ years of direct cybersecurity experience, with a focus on GRC and vulnerability management; or an equivalent combination of education, training, and experience.
- Previous experience in a senior or lead role, demonstrating advanced knowledge of vulnerability management tools and methodologies.
Skills and Abilities:
- Extensive expertise in cybersecurity frameworks (e.g., NIST, CIS, ISO 27001/27002) and proven experience integrating vulnerability management into an overarching security strategy.
- Demonstrated leadership and decision-making skills, with the ability to manage large-scale or complex projects.
- Exceptional communication skills, able to translate technical vulnerabilities into actionable insights for executive audiences.
- Strong stakeholder engagement and interpersonal skills, fostering a culture of collaborative cybersecurity.
Special Requirements:
- Must pass pre-employment background check
- Must pass pre-employment drug screening
- Applicants are required to have REAL ID ACT compliant documentation at time of hire and nothing on record that would prohibit you from gaining access to Department of Energy sites
- Must be able to obtain and maintain at least a DOE "L" clearance
PHYSICAL DEMANDS:
This position is primarily sedentary in nature. The work involves sitting most of the time but may involve walking or standing for brief periods of time. The work may involve exerting up to 10 pounds of force occasionally or a negligible amount of force frequently to lift, carry, push, pull, or otherwise move objects, including the human body.
WORKING ENVIRONMENT:
Works mainly in a typical office environment. The noise level in the work environment is usually quiet.
North Wind offers a competitive pay and benefits package to include health, life, and disability insurance benefits, 401(k) with company match, generous paid leave and tuition reimbursement for eligible employees. As a company, we are committed to employee wellness, professional development, and work-life balance. We value safety, reliability, and commitment to our people! For more information about our benefits or hiring philosophy, visit the North Wind Career Opportunities Page.
Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions. The nature of those accommodations will be determined on a case-by-case basis. If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact our Helpline +1.208.528.8718 or use the Request for Reasonable Accommodation form to get assistance.
North Wind is an Equal Employment Opportunity (EEO) employer and welcomes all qualified applicants. Applicants will receive fair and impartial consideration without regard to race, sex, color, religion, national origin, age, disability, veteran status, genetic data, religion, or other legally protected status. All qualified applicants will receive consideration for employment without regard to their protected veteran status and will not be discriminated against on the basis of disability.
Proof of citizenship will be required as a condition of employment.
Candidates may be required to obtain and hold a Secret or Higher US Government Clearance.