Cybersecurity Subject Matter Expert

Project IKE is seeking an experienced Cybersecurity Subject Matter Expert (SME) to lead the design, implementation, and sustainment of the cybersecurity program for a next‑generation uranium enrichment facility. This role is responsible for defining and managing the end‑to‑end cybersecurity architecture across enterprise IT, industrial control systems (ICS), operational technology (OT), and supporting digital infrastructure.

The SME will establish security monitoring, vulnerability management, and compliance sustainment services aligned with U.S. nuclear regulatory requirements and applicable federal cybersecurity frameworks. This position is critical to ensuring the protection of sensitive nuclear information, safety systems, and mission‑critical operations.

Define and maintain the cybersecurity reference architecture for IT, OT, and IC S environments.

Lead secure network segmentation strategies (e.g., zones, conduits, data diodes, zero trust principles).

Develop system security requirements for plant systems, digital instrumentation & control (I&C), and supporting infrastructure.

Ensure secure integration of vendor systems, EPC deliverables, and site digital platforms.

Design and oversee Security Operations Center (SOC) capabilities for the facility.

Implement continuous monitoring for IT and OT networks, including anomaly detection and log aggregation.

Define incident‑response playbooks tailored to nuclear and industrial environments.

Coordinate cyber incident response with plant operations, safety, and regulatory stakeholders.

Establish a risk‑based vulnerability management program for IT and OT assets.

Define patch‑management strategies compatible with safety‑critical and high‑availability systems.

Conduct threat modelling and support secure configuration baselines for plant systems.

Oversee periodic security assessments, penetration testing (where permitted), and supply‑chain risk reviews.

Lead compliance with applicable standards and regulations, including:

• NRC cybersecurity requirements (e.g., 10 CFR 73.54, RG 5.71 as applicable)
• NIST Cybersecurity Framework (CSF)
• NIST SP 800‑82 (ICS security)
• NIST SP 800‑53 / 800‑171 (as required)
• TEMPEST
• NEI cybersecurity guidance

Develop and maintain the Cybersecurity Plan, policies, procedures, and supporting documentation.

Support audits, inspections, and regulatory interactions.

Establish long‑term cybersecurity sustainment and governance processes.

Serve as the cybersecurity technical authority for Project IKE.

Interface with engineering, I&C, IT, physical security, safety, and licensing teams.

Provide cybersecurity requirements to EPC contractors and technology vendors.

Mentor junior cybersecurity staff and support workforce development.