Job Details
The Cyber and Information Security Department at the Applied Research Laboratory at Penn State University is seeking an experienced Information Systems Security Officer to join our team. This team protects the infrastructure of ARL by taking proactive security measures, assessing risks, responding to security breaches, and ensuring compliance. If you consider yourself an analytical leader who enjoys solving problems, is comfortable communicating and collaborating with a diverse audience, and can easily work alone or in a group, read on!
Your working location will be in Annapolis Junction, Maryland. This position may require travel to other ARL locations.
ARL is an authorized DoD SkillBridge partner and welcomes all transitioning military members to apply.
Responsibilities include:
- Lead, conduct, develop, validate, and submit information system security plans, security test and evaluation plans, certification and authorization packages, and plans of action and milestones in support of compliance requirements
- Lead, conduct, develop, plan, and coordinate risk assessments of information systems in development, test, production and research environments as required by established or newly determined compliance/audit requirements
- Monitor and assist in the assessment and review of systems and networks within the environment to identify where systems/networks deviate from acceptable configurations, enclave policy, and local policy
- Develop training material related to compliance and audit requirements to assist employees in individual compliance/audits as applicable
- Assist in technical requirements such as; vulnerability scanning, review of security/event logs, network analysis, and incident response on an as-needed basis
Typical education and experience requirements include a Bachelor's degree or higher in a related field plus six years of related experience, or an equivalent combination of education and experience.
Required skills and experience areas include:
- RMF assessment and authorization process
- NIST/ISO standards, Department of Defense directives, and regulatory
- requirements
- Windows and UNIX/Linux operating system administration
- Operational experience, with familiarity in security/event log auditing
- Security plan development and/or continuous monitoring for compliance with security plans
- The ability to certify and maintain information security related certification
- (Security+, CASP, GSEC, CISM, CISSP [CISSP is an anticipated requirement of the sponsor])
- An current, active TS/SCI security clearance with poly
Preferred skills and experience areas include:
- Vulnerability scanning and mitigation. Nessus, Retina, GFI Languard, Trivvy, or similar tools
- TCP/IP network analysis and network/packet level examination tools such as tcpdump, Zenmap, or Wireshark
- Network monitoring tools such as Bro, Suricata, or Snort
- SEIM management or use for analysis, such as Splunk, ELK, or Alienvault
- VMWare and management of Virtual Machines
- Policy and procedure development
- Enforcement of audit requirements
- Development and support of a certification test plans and continuous monitoring plans
- Plan of action and milestone development
- Training material development
- Risk assessment planning and preparation
ARL at Penn State is an integral part of one of the leading research universities in the nation and serves as a University center of excellence in defense science, systems, and technologies with a focus in naval missions and related areas.
Excellent Benefits!!
Benefits | Human Resources (psu.edu)
Candidate selected will be subject to a government security investigation. You must be a U.S. Citizen to apply. Employment with the ARL will require successful completion of a pre-employment drug screen.
ARL is committed to diversity, equity, and inclusion; we believe this is central to our success as a Department of Defense designated University Affiliated Research Center (UARC). We are at our best when we draw on the talents of all parts of society, and our greatest accomplishments are achieved when diverse perspectives are part of our workforce.