Cyber Information Assurance Analyst

The Pennsylvania State University, University Park, FL
2d · Hybrid

About The Position

We are searching for an experienced Information Systems Security Manager (ISSM) to join our Cybersecurity Division at the Applied Research Laboratory (ARL) at Penn State. Information Technology Services provides ARL’s administrative and research computing environments and capabilities, delivering secure, responsive, efficient, effective, and compliant IT services and operations to meet the demanding needs of ARL’s leading-edge research. This position will focus on the unclassified space, overseeing and owning the unclassified information security program, including implementing our various compliance requirements such as the Cybersecurity Maturity Model Certification (CMMC). This ISSM will, however, operate within and support both unclassified and collateral spaces, backing up fellow ISSMs and enforcing commonalities between environments where possible. They will be responsible for developing and maintaining policy and security documentation, providing cybersecurity recommendations for system, network, and application design, leading information system risk assessments, assisting in leading incident response actions, setting standards for continuous monitoring processes such as auditing or vulnerability assessments, and ensuring cybersecurity requirements are effectively and efficiently communicated to operational and researcher team leadership so that they are integrated into their respective team processes. ARL is an authorized DoD SkillBridge partner and welcomes all transitioning military members to apply.

Requirements

  • Current eligibility for access to classified information at the Top-Secret level or higher; may be subject to a government background investigation to upgrade clearance eligibility, if required
  • Assessment and Authorization experience of systems and networks using CMMC and RMF NIST/ISO standards (e.g., NIST SP 800-53 and NIST SP 800-171), Department of Defense directives, DISA STIG, and regulatory requirements
  • Strong technical background, with significant experience using multiple operating systems to include Windows and Linux
  • Policy, procedure, plan of action and milestone, risk assessment and security plan development with experience of continuous monitoring for compliance with said documentation
  • System functions, security policies, technical security safeguards, and operational security measures
  • The ability to certify and maintain information security related certifications (e.g., Security+, CISSP, and any other required certifications)
  • Excellent communications, analytical and problem-solving skills
  • Efficient organizational, multitasking, and time management abilities

Nice To Haves

  • A Bachelor’s degree in Information Security, Information Technology, or Computer Science
  • Management or leadership experience in IT and information security space
  • Vulnerability scanning and mitigation utilizing Nessus, Retina, GFI LanGuard, or similar tool
  • Experience with networking fundamentals including various concepts, tools, and administrative functions
  • Working knowledge of container image security and experience overseeing security for containerized environments (Docker, Podman, etc.)
  • SIEM management or use for analysis, such as Splunk, ELK, or AlienVault
  • VMware and management of Virtual Machines
  • Training material development

Responsibilities

  • Develop, validate, submit, and maintain information system security plans, certification and authorization packages, and plans of action and milestones in support of compliance requirements
  • Oversee development and implementation of risk assessments against information systems in all phases of their lifecycles
  • Provide cybersecurity recommendations for system, network, and application design
  • Monitor and assist in the assessment and review of current and new systems and networks to ensure compliance with current cybersecurity policies, concepts, and measures
  • Develop training material related to compliance and audit requirements to assist employees in individual compliance/audits as applicable
  • Assist in technical requirements such as vulnerability scanning, review of security/event logs, network analysis, and incident response on an as-needed basis

Benefits

  • Penn State provides a competitive benefits package for full-time employees designed to support both personal and professional well-being.
  • In addition to comprehensive medical, dental, and vision coverage, employees enjoy robust retirement plans and substantial paid time off which includes holidays, vacation and sick time.
  • One of the standout benefits is the generous 75% tuition discount, available to employees as well as eligible spouses and children.