Cyber Information Assurance Analyst - University Park, United States - Pennsylvania State University

Description

APPLICATION INSTRUCTIONS:

CURRENT PENN STATE EMPLOYEE (faculty, staff, technical service, or student), please login to Workday to complete the internal application process ) .

Please do not apply here, apply internally through Workday.

CURRENT PENN STATE STUDENT (not employed previously at the university) and seeking employment with Penn State, please login to Workday to complete the student application process.

) Please do not apply here, apply internally through Workday.

If you are NOT a current employee or student, please click "Apply" and complete the application process for external applicants ) .


JOB DESCRIPTION AND POSITION REQUIREMENTS:

We are searching for a Cyber Information Assurance Analyst to join our Cyber, Modeling and Simulation Division in our Reston, VA office of the Applied Research Laboratory (ARL) at Penn State University.

ARL's purpose is to research and develop innovative solutions to challenging scientific, engineering, and technology problems in support of the Navy, the Department of Defense (DoD), and the Intel Community (IC).

CMS Division leverages M&S expertise and other resources to deliver prototypes, demonstrations, and accelerated transitions of emerging research and technologies vital to national security needs, in addition to performing research, development, testing, and evaluations facilitating innovation in practice and development of critical, in-demand capabilities.

ARL is an authorized DoD SkillBridge partner and welcomes all transitioning military members to apply

This position will be filled at the intermediate professional or advanced professional level depending on the successful candidate's competencies, education, and experience.

Minimally requires a Bachelor's degree or higher in Information Technology, Cybersecurity or related field plus 1-3 years of related experience for the intermediate professional level.

Additional experience and/or education are required for higher level positions. A Master's Degree is preferred.

The successful candidate will be responsible for the following:

Conduct risk assessments and provide recommendations for system, network, and application design, implementation, and operation of departmental systems

Conduct vulnerability assessments of departmental systems and networks to identify deviations from acceptable configurations or policies

Meet with stakeholders regularly to assess needs and requirements at a departmental level

Conduct vulnerability assessments of departmental systems and networks to identify deviations from acceptable configurations or policies

Monitor the corrective actions of departmental system audits; draft documentation of Plan of Action and Milestones (POAM) for review

Obtain certification and accreditation for departmental systems through the creation of process documentation support; may assist with unit or University wide process documentation

Participate in the establishment of program control processes to ensure risk mitigation

Perform periodic audits of departmental systems under general supervision

Participate in the implementation of required policies, procedures, and configurations; make recommendations for improvements

Participate in the preparation of requirements and procedures for forensic preservation

Research and stay current on industry best practices

Additional responsibilities for higher level position includes:
Lead risk assessments and provide recommendations for system, network, and application design, implementation, and operation of unit-wide systems

Lead vulnerability assessments of unit-wide systems and networks to identify deviations from acceptable configurations or policies; conduct assessments of non-standard systems

Monitor the corrective actions of unit-wide system audits; develop and manage Plan of Action and Milestones (POAM)

Meet with stakeholders regularly to asses needs and requirements at a unit-wide level

Obtain certification and accreditation through the creation of process documentation; develop unit or University-wide process documentation

Establish program control processes to ensure risk mitigation

Perform periodic audits of systems

Implement required policies, procedures, and configurations; make recommendations for improvements

Develop requirements and procedures for forensic preservation

Assist in the development of policy, process, and standards of Cyber Incident Response Team (CIRT) program and participate in CIRT activities as needed

Assist in the development and delivery of information security training material

May interface with external entities including law enforcement and intelligence/government agencies

May provide guidance to lower level Analysts


Required Skills:
Knowledge of Linux OS

Understand CI/CD pipeline

Experience reviewing hardware and software vulnerabilities

Working knowledge of DoD Risk Management Framework (RMF)

Knowledge of publications to include; NIST 800-53, 53a, JSIG

Understand and enforce policies and procedures within classified space

Ability to effectively communicate and work in team environment

Attention to detail

Ability to learn in a fast paced agile work environment

Active Top Secret /SCI Clearance or SCI eligible


Certifications and licensures required:
Security+, CAP, GSEC or equivalent


Desired Skills:
Experience with Elastic

Experience with Kubernetes

Knowledge in Git and Ansible

Working knowledge of JIRA ticketing and wiki

Experience with ACAS, OpenSCAP, and Trivy

Software development, Networking, or System Administration experience


Certifications and licensures preferred:
CASP+, GSLC, CISM, CISSP or equivalent

ARL at Penn State is an integral part of one of the leading research universities in the nation and serves as a University center of excellence in defense science, systems, and technologies with a focus in naval missions and related areas.

The candidate selected will be subject to a government security investigation and will be required to obtain and maintain a TS/SCI clearance.

Applicants with an active TS/SCI will be given preference. You must be a U.S. citizen to apply. Employment with ARL will require successful completion of a pre-employment drug screen.

ARL is committed to diversity, equity, and inclusion; we believe this is central to our success as a Department of Defense designated University Affiliated Research Center (UARC).

We are at our best when we draw on the talents of all parts of society, and our greatest accomplishments are achieved when diverse perspectives are part of our workforce.

FOR FURTHER INFORMATION on ARL, visit our web site at

The pay range for this position, including all possible grades is:

$68, $115,100.00

Salary Structure ) - additional information on Penn State's job and salary structure.


CAMPUS SECURITY CRIME STATISTICS:

Pursuant to the Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act and the Pennsylvania Act of 1988, Penn State publishes a combined Annual Security and Annual Fire Safety Report (ASR).

The ASR includes crime statistics and institutional policies concerning campus security, such as those concerning alcohol and drug use, crime prevention, the reporting of crimes, sexual assault, and other matters.

The ASR is available for review here ) .

Employment with the University will require successful completion of background check(s) in accordance with University policies.


EEO IS THE LAW

Penn State is an equal opportunity, affirmative action employer, and is committed to providing employment opportunities to all qualified applicants without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.

If you are unable to use our online application process due to an impairment or disability, please contact

Federal Contractors Labor Law Poster )

PA State Labor Law Poster

Affirmative Action )

Penn State Policies

Copyright Information )

Hotlines

University Park, PA