Serves as a subject matter expert responsible for developing, implementing, and managing a Controlled Unclassified Information (CUI) program in accordance with DOE Order 471.7 and National Archives and Records Administration (NARA) guidelines. Oversees CUI, which is sensitive but unclassified information that is not publicly releasable without authorization. Protection includes inventory, data systems, and dissemination controls required by law, regulation, and Government-wide policy. The role involves ensuring proper handling, safeguarding, and compliance of CUI data throughout the organization. Coordinates tasks with internal and external stakeholders. Conducts compliance audits and ensures resolution of corrective actions. Delivers CUI training and awareness programs and develops future content updates as required.
Essential Duties and Responsibilities:
- Develop and implement a CUI program, including policies and procedures.
- Coordinate with stakeholders and federal agencies on CUI requirements.
- Conduct CUI compliance audits and manage corrective actions.
- Manage CUI inventory and data handling systems.
- Design and deliver CUI training and awareness programs.
- Ensure organization-wide compliance with CUI requirements across diverse teams.
- Address gaps in CUI handling and incidents of non-compliance.
- Develop innovative solutions for integrating CUI management into existing cybersecurity frameworks.
- Internal: Collaborates with legal, security, IT, and other departments to ensure CUI compliance.
- External: Liaises with federal agencies and contractors to align CUI practices with regulatory requirements.
Required Knowledge, Skills, and Abilities:
- Bachelor’s degree in Information Security, Business Administration, or a related field.
- Minimum of 7 years of related work experience in information security or compliance, with at least 2 years managing a CUI program or similar compliance initiative.
- In-depth understanding of DOE Order 471.7, NARA CUI guidelines, and information security principles.
- Practical knowledge of compliance auditing and data classification techniques.
- Proficiency with core MS Office applications including Outlook, Word, and Excel.
- Exceptional interpersonal, oral and written communication skills suitable for both technical and non-technical audiences.
Preferred Knowledge, Skills, and Abilities:
- Familiarity with compliance frameworks such as NIST SP 800-171, NIST SP 800-53, and FISMA requirements.
- Experience with multiple operating systems (e.g., Windows, Linux, Macintosh).
- Experience working in a research environment.
- Experience in a complex computing environment.
Other Information:
- Visa sponsorship is not available for this position.
Brookhaven Laboratory is committed to providing fair, equitable and competitive compensation. The full salary range for this position is $90,700 - $136,050 / year. Salary offers will be commensurate with the final candidate’s qualifications, education and experience and considered with the internal peer group.