Reference #: REQ_0000048523
APPLICATION INSTRUCTIONS:
CURRENT PENN STATE EMPLOYEE (faculty, staff, technical service, or student), please login to Workday to complete the internal application process. Please do not apply here, apply internally through Workday.
CURRENT PENN STATE STUDENT (not employed previously at the university) and seeking employment with Penn State, please login to Workday to complete the student application process. Please do not apply here, apply internally through Workday.
If you are NOT a current employee or student, please click "Apply" and complete the application process for external applicants.
JOB DESCRIPTION AND POSITION REQUIREMENTS:
We are searching for a Cyber Information Assurance Analyst to join our Cyber, Modeling and Simulation Division in our Reston, VA office of the Applied Research Laboratory (ARL) at Penn State University. ARL's purpose is to research and develop innovative solutions to challenging scientific, engineering, and technology problems in support of the Navy, the Department of Defense (DoD), and the Intel Community (IC). CMS Division leverages M&S expertise and other resources to deliver prototypes, demonstrations, and accelerated transitions of emerging research and technologies vital to national security needs, in addition to performing research, development, testing, and evaluations facilitating innovation in practice and development of critical, in-demand capabilities.
ARL is an authorized DoD SkillBridge partner and welcomes all transitioning military members to apply
This position will be filled at the intermediate professional or advanced professional level depending on the successful candidate's competencies, education, and experience. Minimally requires a Bachelor's degree or higher in Information Technology, Cybersecurity or related field plus 1-3 years of related experience for the intermediate professional level. Additional experience and/or education are required for higher level positions. A Master's Degree is preferred.
The successful candidate will be responsible for the following:
Conduct risk assessments and provide recommendations for system, network, and application design, implementation, and operation of departmental systems
Conduct vulnerability assessments of departmental systems and networks to identify deviations from acceptable configurations or policies
Meet with stakeholders regularly to assess needs and requirements at a departmental level
Conduct vulnerability assessments of departmental systems and networks to identify deviations from acceptable configurations or policies
Monitor the corrective actions of departmental system audits; draft documentation of Plan of Action and Milestones (POAM) for review
Obtain certification and accreditation for departmental systems through the creation of process documentation support; may assist with unit or University wide process documentation
Participate in the establishment of program control processes to ensure risk mitigation
Perform periodic audits of departmental systems under general supervision
Participate in the implementation of required policies, procedures, and configurations; make recommendations for improvements
Participate in the preparation of requirements and procedures for forensic preservation
Research and stay current on industry best practices
Additional responsibilities for higher level position includes:
Lead risk assessments and provide recommendations for system, network, and application design, implementation, and operation of unit-wide systems
Lead vulnerability assessments of unit-wide systems and networks to identify deviations from acceptable configurations or policies; conduct assessments of non-standard systems
Monitor the corrective actions of unit-wide system audits; develop and manage Plan of Action and Milestones (POAM)
Meet with stakeholders regularly to asses needs and requirements at a unit-wide level
Obtain certification and accreditation through the creation of process documentation; develop unit or University-wide process documentation
Establish program control processes to ensure risk mitigation
Perform periodic audits of systems
Implement required policies, procedures, and configurations; make recommendations for improvements
Develop requirements and procedures for forensic preservation
Assist in the development of policy, process, and standards of Cyber Incident Response Team (CIRT) program and participate in CIRT activities as needed
Assist in the development and delivery of information security training material
May interface with external entities including law enforcement and intelligence/government agencies
May provide guidance to lower level Analysts
Required Skills:
Knowledge of Linux OS
Understand CI/CD pipeline
Experience reviewing hardware and software vulnerabilities
Working knowledge of DoD Risk Management Framework (RMF)
Knowledge of publications to include; NIST 800-53, 53a, JSIG
Understand and enforce policies and procedures within classified space
Ability to effectively communicate and work in team environment
Attention to detail
Ability to learn in a fast paced agile work environment
Active Top Secret /SCI Clearance or SCI eligible
Certifications and licensures required:
Security+, CAP, GSEC or equivalent
Desired Skills:
Experience with Elastic
Experience with Kubernetes
Knowledge in Git and Ansible
Working knowledge of JIRA ticketing and wiki
Experience with ACAS, OpenSCAP, and Trivy
Software development, Networking, or System Administration experience
Certifications and licensures preferred:
CASP+, GSLC, CISM, CISSP or equivalent
ARL at Penn State is an integral part of one of the leading research universities in the nation and serves as a University center of excellence in defense science, systems, and technologies with a focus in naval missions and related areas.
The candidate selected will be subject to a government security investigation and will be required to obtain and maintain a TS/SCI clearance. Applicants with an active TS/SCI will be given preference. You must be a U.S. citizen to apply. Employment with ARL will require successful completion of a pre-employment drug screen.
ARL is committed to diversity, equity, and inclusion; we believe this is central to our success as a Department of Defense designated University Affiliated Research Center (UARC). We are at our best when we draw on the talents of all parts of society, and our greatest accomplishments are achieved when diverse perspectives are part of our workforce.
FOR FURTHER INFORMATION on ARL, visit our web site at www.arl.psu.edu.
The pay range for this position, including all possible grades is:
$68,200.00 - $115,100.00
Salary Structure - additional information on Penn State's job and salary structure.
CAMPUS SECURITY CRIME STATISTICS:
Pursuant to the Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act and the Pennsylvania Act of 1988, Penn State publishes a combined Annual Security and Annual Fire Safety Report (ASR). The ASR includes crime statistics and institutional policies concerning campus security, such as those concerning alcohol and drug use, crime prevention, the reporting of crimes, sexual assault, and other matters. The ASR is available for review here.
Employment with the University will require successful completion of background check(s) in accordance with University policies.
EEO IS THE LAW
Fe
S:SKINTIAGP2