Cyber Information Assurance Analyst
Penn State University
The Information Technology Services Division of The Applied Research Laboratory (ARL) at Penn State is seeking an Information Systems Security Officer to assist in the coordination, design, evaluation, and submission of critical compliance required documentation and controls applicable to new and existing security services, controls, solutions, processes, procedures, and policies at ARL. Responsibilities include: Participate in conducting, developing, validating, and submitting information system security plans, security test and evaluation plans, certification and accreditation packages, and plan of action and milestones in support of compliance requirements; assist in conducting, developing, planning, and coordinating risk assessments of information systems in development, test, production and research environments as required by established or newly determined compliance/audit requirements; assist in the monitoring, assessment, and review of systems and software within the environment to identify where systems/networks deviate from acceptable configurations, enclave policy, and local policy; support in the development of training material related to compliance and audit requirements to assist employees in individual compliance/audits as applicable; and assist in specialized requirements such as; vulnerability scanning, review of security/event logs, network analysis, and incident response on an as-needed basis. This job will be filled as a level 2, or level 3, depending upon the successful candidate's competencies, education, and experience. Typically requires a Bachelor's degree or higher plus two years of related experience, or an equivalent combination of education and experience for a level 2. Additional experience and/or education and competencies are required for higher level jobs. A Bachelor’s Degree in Cyber and Information Security, Computer Science, or Information Technology is highly desired. Preferred experience includes: Two or more years operational experience with assessment & authorization or certification and accreditation within the Department of Defense (DoD) 800-53 framework; experience with assessment of NIST 800-171 controls and SSP creation/maintenance; strong specialized writing skills dealing with cyber security procedures and polices (system security plans, contingency plans, COOP plans, after action reports); POA&M creation, tracking and maintenance for vulnerability life cycles; familiarity in security/event log auditing; vulnerability scanning and mitigation utilizing Nessus, Retina, or similar tool; familiarity with Windows and Unix/Linux operating system administration including security configuration (ex DISA STIGS, CIS Benchmarks); familiarity with SEIM management such as Splunk or ELK; and familiarity with VMWare and management of Virtual Machines. Required skills include: Knowledge in assessment and authorization (A&A) process specifically RMF or DIACAP; policy and procedure development; test plan creation; security plan development; plan of action and milestone development; training material development; risk assessment planning and preparation; knowledge in NIST/ISO standards, DoD and IC directives, and regulatory requirements; knowledge in defining and interpretation of audit requirement; effective analytical and problem solving skills; excellent communication skills; efficient organizational and multitasking skills; ability to work independently and timely completion of tasks and projects; and the ability to work effectively in teams across multiple Information Technology disciplines. Ability to certify and maintain information security related certification (Security+, CASP, GSEC, CISM, CISSP). Candidate selected will be subject to a government security investigation. You must be a U.S. Citizen to apply. Employment with the Applied Research Laboratory will require successful completion of a pre-employment drug screen. The Applied Research Laboratory (ARL) at Penn State is committed to diversity, equity, and and inclusion; we believe this is central to our success as a Department of Defense designated University Affiliated Research Center (UARC). We are at our best when we draw on the talents of all parts of society, and our greatest accomplishments are achieved when diverse perspectives are part of our workforce. This is a fixed-term appointment funded for one year with excellent possibility of re-funding.
These salary bands have been established to provide salary guidelines for staff positions.