Edtech.com's Summary

The Pennsylvania State University is hiring a Cyber Information Assurance Analyst. The analyst will evaluate system and network environments to implement cybersecurity programs, manage compliance assessments, mitigate information system risks, and ensure confidentiality, integrity, and availability. They will conduct risk and vulnerability assessments, monitor audits, and support certification and accreditation processes.

Highlights

Conduct risk and vulnerability assessments for departmental systems and networks.
Provide recommendations for system, network, and application design, implementation, and operation.
Monitor corrective actions from system audits and draft Plan of Action and Milestones (POAM).
Obtain certification and accreditation by creating process documentation; support unit or university-wide documentation.
Participate in risk mitigation program controls and periodic audits.
Assist with forensic preservation procedures and stay updated on cybersecurity best practices.
Required technical skills include Windows and Linux OS, CI/CD pipelines, DoD Risk Management Framework (RMF), ACAS, and STIG compliance.
Must hold Security+, CAP, GSEC or equivalent certification and active Top-Secret clearance with eligibility for SCI level.
Preferred skills include experience with GitLab, Ansible, JIRA, Confluence, containerized environments, and vulnerability scanning tools (ACAS, OpenSCAP, Trivy, Grype).
Bachelor's degree in Information Technology, Cybersecurity, or related field required; 0+ to 1+ years of experience depending on level.
Salary range is $56,200 to $102,300 with benefits including medical, dental, vision, retirement plans, paid time off, and a 75% tuition discount.
Position involves up to 50% travel and requires U.S. citizenship and successful background checks, including drug screening and government security clearance.

Cyber Information Assurance Analyst Full Description

APPLICATION INSTRUCTIONS:

CURRENT PENN STATE EMPLOYEE (faculty, staff, technical service, or student), please login to Workday to complete the internal application process. Please do not apply here, apply internally through Workday.
CURRENT PENN STATE STUDENT (not employed previously at the university) and seeking employment with Penn State, please login to Workday to complete the student application process. Please do not apply here, apply internally through Workday.
If you are NOT a current employee or student, please click "Apply" and complete the application process for external applicants.

Approval of remote and hybrid work is not guaranteed regardless of work location. For additional information on remote work at Penn State, see Notice to Out of State Applicants.

POSITION SPECIFICS

We are searching for a Cyber Information Assurance Analyst to join the Risk Management Department, in Reston, VA, in the Applied Research Laboratory (ARL) at Penn State. The CIAA evaluates system and network environments to implement effective cybersecurity programs and determines security controls and policies based on best practices, regulations, and contractual requirements. This role includes managing compliance assessments, mitigating risks to information systems, and ensuring confidentiality, integrity, and availability. CMS Division leverages M&S expertise and other resources to deliver prototypes, demonstrations, and accelerated transitions of emerging research and technologies vital to national security needs, in addition to performing research, development, testing, and evaluations facilitating innovation in practice and development of critical, in-demand capabilities.

ARL is an authorized DoD SkillBridge partner and welcomes all transitioning military members to apply

You will:

Conduct risk assessments and provide recommendations for system, network, and application design, implementation, and operation of departmental systems
Conduct vulnerability assessments of departmental systems and networks to identify deviations from acceptable configurations or policies
Meet with stakeholders regularly to assess needs and requirements at a departmental level
Conduct vulnerability assessments of departmental systems and networks to identify deviations from acceptable configurations or policies
Monitor the corrective actions of departmental system audits; draft documentation of Plan of Action and Milestones (POAM) for review
Obtain certification and accreditation for departmental systems through the creation of process documentation support; may assist with unit or University wide process documentation
Participate in the establishment of program control processes to ensure risk mitigation
Perform periodic audits of departmental systems under general supervision
Participate in the implementation of required policies, procedures, and configurations; make recommendations for improvements
Participate in the preparation of requirements and procedures for forensic preservation
Research and stay current on industry best practices

Additional responsibilities for higher level position includes:

Lead risk assessments and provide recommendations for system, network, and application design, implementation, and operation of unit-wide systems
Lead vulnerability assessments of unit-wide systems and networks to identify deviations from acceptable configurations or policies; conduct assessments of non-standard systems
Monitor the corrective actions of unit-wide system audits; develop and manage Plan of Action and Milestones (POAM)
Meet with stakeholders regularly to assess needs and requirements at a unit-wide level
Obtain certification and accreditation through the creation of process documentation; develop unit or University-wide process documentation
Establish program control processes to ensure risk mitigation
Perform periodic audits of systems
Implement required policies, procedures, and configurations; make recommendations for improvements
Develop requirements and procedures for forensic preservation
Assist in the development of policy, process, and standards of Cyber Incident Response Team (CIRT) program and participate in CIRT activities as needed
Assist in the development and delivery of information security training material
May interface with external entities including law enforcement and intelligence/government agencies
May provide guidance to lower level Analysts

Required skills/knowledge areas include:

Windows and Linux OS
CI/CD pipeline
Review of hardware and software vulnerabilities
DoD Risk Management Framework (RMF)
Understand and enforce policies and procedures within classified space
Previous success with collaborations in a multi-disciplinary, team-oriented culture Assured Compliance Assessment Solution (ACAS) and Security Technical Implementation Guide (STIG)
Ability to multitask multiple programs
Security+, CAP, GSEC or equivalent
Active security clearance, at the Top-Secret level and possession of or eligible for SCI level

Preferred Skills/Knowledge Include:

Development and maintenance of Security Assessment Plans, Risk Assessment Reports, and POAMs
Containerized environments
Gitlab and Ansible
JIRA and Confluence
Vulnerability scanning tools (ACAS, OpenSCAP, Trivy, Grype, etc.)
Bachelors' degree in Information Technology, Cybersecurity or related field

Your working location will be in Reston, VA. Questions related to flexible work should be directed to the hiring manager during the interview process. Travel is expected to be at 50% of the time to surrounding areas.

MINIMUM EDUCATION, WORK EXPERIENCE & REQUIRED CERTIFICATIONSIf filled as Cyber Information Assurance Analyst - Intermediate Professional, this position

requires:Bachelor's Degree1+ years of relevant experience; or an equivalent combination of education and experience acceptedRequired Certifications:NoneIf filled as Cyber Information Assurance Analyst - Professional, this position requires:Bachelor's DegreeNo prior relevant work experience required; previous relevant work experience accepted in lieu of education.Required Certifications:None

ARL's purpose is to research and develop innovative solutions to challenging scientific, engineering, and technology problems in support of the Navy, the Department of Defense (DoD), and the Intel Community (IC).

FOR FURTHER INFORMATION on ARL, visit our web site at www.arl.psu.edu.

BACKGROUND CHECKS/CLEARANCESEmployment with the University will require successful completion of background check(s) in accordance with University policies.

All positions at ARL require candidates to possess the ability to obtain a government security clearance; you will be notified during the interview process if this position is subject to a government background investigation. You must be a U.S. citizen to apply. Employment with the ARL will require successful completion of a pre-employment drug screen.

SALARY & BENEFITSThe salary range for this position, including all possible grades, is $56,200.00 - $102,300.00.**THE PROPOSED SALARY RANGE MAY BE IMPACTED BY GEOGRAPHIC DIFFERENTIAL**

Salary Structure - Information on Penn State's salary structure

Penn State provides a competitive benefits package for full-time employees designed to support both personal and professional well-being. In addition to comprehensive medical, dental, and vision coverage, employees enjoy robust retirement plans and substantial paid time off which includes holidays, vacation and sick time. One of the standout benefits is the generous 75% tuition discount, available to employees as well as eligible spouses and children. For more detailed information, please visit our Benefits Page.

CAMPUS SECURITY CRIME STATISTICS

Pursuant to the Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act and the Pennsylvania Act of 1988, Penn State publishes a combined Annual Security and Annual Fire Safety Report (ASR). The ASR includes crime statistics and institutional policies concerning campus security, such as those concerning alcohol and drug use, crime prevention, the reporting of crimes, sexual assault, and other matters. The ASR is available for review here.

EEO IS THE LAW

Penn State is an equal opportunity employer and is committed to providing employment opportunities to all qualified applicants without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. If you are unable to use our online application process due to an impairment or disability, please contact 814-865-1473.

Federal Contractors Labor Law Poster

PA State Labor Law Poster

Penn State Policies

Hotlines

Original Job Description