Cyber Information Assurance Analyst

APPLICATION INSTRUCTIONS:

• CURRENT PENN STATE EMPLOYEE (faculty, staff, technical service, or student), please login to Workday to complete the internal application process. Please do not apply here, apply internally through Workday.

• CURRENT PENN STATE STUDENT (not employed previously at the university) and seeking employment with Penn State, please login to Workday to complete the student application process. Please do not apply here, apply internally through Workday.

• If you are NOT a current employee or student, please click "Apply" and complete the application process for external applicants.

JOB DESCRIPTION AND POSITION REQUIREMENTS:

We are searching for a Cyber Information Assurance Analyst to join our Cyber, Modeling and Simulation Division in our Reston, VA office of the Applied Research Laboratory (ARL) at Penn State University. ARL's purpose is to research and develop innovative solutions to challenging scientific, engineering, and technology problems in support of the Navy, the Department of Defense (DoD), and the Intel Community (IC). CMS Division leverages M&S expertise and other resources to deliver prototypes, demonstrations, and accelerated transitions of emerging research and technologies vital to national security needs, in addition to performing research, development, testing, and evaluations facilitating innovation in practice and development of critical, in-demand capabilities.

ARL is an authorized DoD SkillBridge partner and welcomes all transitioning military members to apply

This position will be filled at the intermediate professional or advanced professional level depending on the successful candidate's competencies, education, and experience. Minimally requires a Bachelor's degree or higher in Information Technology, Cybersecurity or related field plus 1-3 years of related experience for the intermediate professional level. Additional experience and/or education are required for higher level positions. A Master's Degree is preferred.

The successful candidate will be responsible for the following:

• Conduct risk assessments and provide recommendations for system, network, and application design, implementation, and operation of departmental systems

• Conduct vulnerability assessments of departmental systems and networks to identify deviations from acceptable configurations or policies

• Meet with stakeholders regularly to assess needs and requirements at a departmental level

• Conduct vulnerability assessments of departmental systems and networks to identify deviations from acceptable configurations or policies

• Monitor the corrective actions of departmental system audits; draft documentation of Plan of Action and Milestones (POAM) for review

• Obtain certification and accreditation for departmental systems through the creation of process documentation support; may assist with unit or University wide process documentation

• Participate in the establishment of program control processes to ensure risk mitigation

• Perform periodic audits of departmental systems under general supervision

• Participate in the implementation of required policies, procedures, and configurations; make recommendations for improvements

• Participate in the preparation of requirements and procedures for forensic preservation

• Research and stay current on industry best practices

Additional responsibilities for higher level position includes:

• Lead risk assessments and provide recommendations for system, network, and application design, implementation, and operation of unit-wide systems

• Lead vulnerability assessments of unit-wide systems and networks to identify deviations from acceptable configurations or policies; conduct assessments of non-standard systems

• Monitor the corrective actions of unit-wide system audits; develop and manage Plan of Action and Milestones (POAM)

• Meet with stakeholders regularly to asses needs and requirements at a unit-wide level

• Obtain certification and accreditation through the creation of process documentation; develop unit or University-wide process documentation

• Establish program control processes to ensure risk mitigation

• Perform periodic audits of systems

• Implement required policies, procedures, and configurations; make recommendations for improvements

• Develop requirements and procedures for forensic preservation

• Assist in the development of policy, process, and standards of Cyber Incident Response Team (CIRT) program and participate in CIRT activities as needed

• Assist in the development and delivery of information security training material

• May interface with external entities including law enforcement and intelligence/government agencies

• May provide guidance to lower level Analysts

Required Skills:

• Knowledge of Linux OS

• Understand CI/CD pipeline

• Experience reviewing hardware and software vulnerabilities

• Working knowledge of DoD Risk Management Framework (RMF)

• Knowledge of publications to include; NIST 800-53, 53a, JSIG

• Understand and enforce policies and procedures within classified space

• Ability to effectively communicate and work in team environment

• Attention to detail

• Ability to learn in a fast paced agile work environment

• Active Top Secret /SCI Clearance or SCI eligible

Certifications and licensures required:

• Security+, CAP, GSEC or equivalent

Desired Skills:

• Experience with Elastic

• Experience with Kubernetes

• Knowledge in Git and Ansible

• Working knowledge of JIRA ticketing and wiki

• Experience with ACAS, OpenSCAP, and Trivy

• Software development, Networking, or System Administration experience

Certifications and licensures preferred:

• CASP+, GSLC, CISM, CISSP or equivalent

ARL at Penn State is an integral part of one of the leading research universities in the nation and serves as a University center of excellence in defense science, systems, and technologies with a focus in naval missions and related areas.

The candidate selected will be subject to a government security investigation and will be required to obtain and maintain a TS/SCI clearance. Applicants with an active TS/SCI will be given preference. You must be a U.S. citizen to apply. Employment with ARL will require successful completion of a pre-employment drug screen.

ARL is committed to diversity, equity, and inclusion; we believe this is central to our success as a Department of Defense designated University Affiliated Research Center (UARC). We are at our best when we draw on the talents of all parts of society, and our greatest accomplishments are achieved when diverse perspectives are part of our workforce.

FOR FURTHER INFORMATION on ARL, visit our web site at www.arl.psu.edu.

The pay range for this position, including all possible grades is:

$68,200.00 - $115,100.00

Salary Structure - additional information on Penn State's job and salary structure.

CAMPUS SECURITY CRIME STATISTICS:

Pursuant to the Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act and the Pennsylvania Act of 1988, Penn State publishes a combined Annual Security and Annual Fire Safety Report (ASR). The ASR includes crime statistics and institutional policies concerning campus security, such as those concerning alcohol and drug use, crime prevention, the reporting of crimes, sexual assault, and other matters. The ASR is available for review here.

Employment with the University will require successful completion of background check(s) in accordance with University policies.

EEO IS THE LAW

Penn State is an equal opportunity, affirmative action employer, and is committed to providing employment opportunities to all qualified applicants without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. If you are unable to use our online application process due to an impairment or disability, please contact 814-865-1473.

Federal Contractors Labor Law Poster

PA State Labor Law Poster

Affirmative Action

Penn State Policies

Copyright Information

Hotlines

University Park, PA