The Cyber and Information Security Department at the Applied Research Laboratory at Penn State University is seeking an experienced Information Systems Security Officer to join our team. This team protects the infrastructure of ARL by taking proactive security measures, assessing risks, responding to security breaches, and ensuring compliance. If you consider yourself an analytical leader who enjoys solving problems, is comfortable communicating and collaborating with a diverse audience, and can easily work alone or in a group, read on!
Your working location will be in Annapolis Junction, Maryland. This position may require travel to other ARL locations.
ARL is an authorized DoD SkillBridge partner and welcomes all transitioning military members to apply.
Responsibilities include:
Lead, conduct, develop, validate, and submit information system security plans, security test and evaluation plans, certification and authorization packages, and plans of action and milestones in support of compliance requirements
Lead, conduct, develop, plan, and coordinate risk assessments of information systems in development, test, production and research environments as required by established or newly determined compliance/audit requirements
Monitor and assist in the assessment and review of systems and networks within the environment to identify where systems/networks deviate from acceptable configurations, enclave policy, and local policy
Develop training material related to compliance and audit requirements to assist employees in individual compliance/audits as applicable
Assist in technical requirements such as; vulnerability scanning, review of security/event logs, network analysis, and incident response on an as-needed basis
Typical education and experience requirements include a Bachelor's degree or higher in a related field plus six years of related experience, or an equivalent combination of education and experience.
Required skills and experience areas include:
RMF assessment and authorization process
NIST/ISO standards, Department of Defense directives, and regulatory
requirements
Windows and UNIX/Linux operating system administration
Operational experience, with familiarity in security/event log auditing
Security plan development and/or continuous monitoring for compliance with security plans
The ability to certify and maintain information security related certification
(Security+, CASP, GSEC, CISM, CISSP [CISSP is an anticipated requirement of the sponsor])
An current, active TS/SCI security clearance with poly
Preferred skills and experience areas include:
Vulnerability scanning and mitigation. Nessus, Retina, GFI Languard, Trivvy, or similar tools
TCP/IP network analysis and network/packet level examination tools such as tcpdump, Zenmap, or Wireshark
Network monitoring tools such as Bro, Suricata, or Snort
SEIM management or use for analysis, such as Splunk, ELK, or Alienvault
VMWare and management of Virtual Machines
Policy and procedure development
Enforcement of audit requirements
Development and support of a certification test plans and continuous monitoring plans
Plan of action and milestone development
Training material development
Risk assessment planning and preparation
ARL at Penn State is an integral part of one of the leading research universities in the nation and serves as a University center of excellence in defense science, systems, and technologies with a focus in naval missions and related areas.
Excellent Benefits!!
Benefits | Human Resources (psu.edu)
Candidate selected will be subject to a government security investigation. You must be a U.S. Citizen to apply. Employment with the ARL will require successful completion of a pre-employment drug screen.
ARL is committed to diversity, equity, and inclusion; we believe this is central to our success as a Department of Defense-designated University Affiliated Research Center (UARC). We are at our best when we draw on the talents of all parts of society, and our greatest accomplishments are achieved when diverse perspectives are part of our workforce.