Information Systems Security Manager ISSM
Penn State University
The Information Technology Services Division of the Enterprise Operations Office at the Applied Research Laboratory (ARL) is seeking an experienced ISSM to support the Cyber Security Department in both unclassified and classified environments and be responsible for the coordination, design, evaluation, and submission of critical compliance required documentation and controls applicable to new and existing security services, controls, solutions, processes, procedures, and policies in direct support of research and development. This job will be filled as a level 3, or level 4, depending upon the successful candidate's competencies, education, and experience. Typically requires a Bachelor's degree or higher plus four years of related experience, or an equivalent combination of education and experience for a level 3. Additional experience and/or education and competencies are required for higher level jobs. A Bachelor’s degree in Information Security, Information Technology, or Computer Science is desired. The following is preferred: Operational experience with familiarity in security/event log auditing; experience with vulnerability scanning and mitigation utilizing Nessus or similar tool; familiarity with Windows, UNIX/Linux, and OSX operating system security; familiarity with TCP/ IP network analysis and network/packet level examination tools such as tcpdump, Zenmap, or Wireshark; familiarity with network monitoring tools such as Bro, Suricata, or Snort; familiarity with SEIM management such as Splunk; and familiarity with VMWare and management of Virtual Machines. Required experience areas include: Certification and accreditation processes such as RMF and DIACAP that directly supports research and development; policy and procedure development; test plan creation that directly supports research and development; security plan development; plan of action and milestone development; training material development; risk assessment planning and preparation; knowledge in NIST/ISO standards, DoD directives, and regulatory requirements; knowledge in the definition and interpretation of audit requirements; and the ability to certify and maintain information security related certification (GSLC, CISM, CISSP). You should possess: Effective analytical and problem solving skills; excellent communication skills; efficient organizational and multitasking skills; the ability to work independently and timely for the completion of tasks and projects; and the ability to work effectively in teams across multiple IT disciplines that directly support research and development. Candidate selected will be subject to a government security investigation. You must be a U.S. citizen to apply. Employment with the Applied Research Laboratory will require successful completion of a pre-employment drug screen.
These salary bands have been established to provide salary guidelines for staff positions.