Cyber Information Assurance Analyst

About The Position

Requirements

• Windows and Linux OS
• CI/CD pipeline
• Review of hardware and software vulnerabilities
• DoD Risk Management Framework (RMF)
• Understand and enforce policies and procedures within classified space
• Previous success with collaborations in a multi-disciplinary, team-oriented culture
• Assured Compliance Assessment Solution (ACAS) and Security Technical Implementation Guide (STIG)
• Ability to multitask multiple programs
• Security+, CAP, GSEC or equivalent
• Active security clearance, at the Top-Secret level and possession of or eligible for SCI level
• Bachelor's Degree
• 1+ years of relevant experience; or an equivalent combination of education and experience accepted
• None
• No prior relevant work experience required; previous relevant work experience accepted in lieu of education.

Nice To Haves

• Development and maintenance of Security Assessment Plans, Risk Assessment Reports, and POAMs
• Containerized environments
• Gitlab and Ansible
• JIRA and Confluence
• Vulnerability scanning tools (ACAS, OpenSCAP, Trivy, Grype, etc.)
• Bachelors' degree in Information Technology, Cybersecurity or related field

Responsibilities

• Conduct risk assessments and provide recommendations for system, network, and application design, implementation, and operation of departmental systems
• Conduct vulnerability assessments of departmental systems and networks to identify deviations from acceptable configurations or policies
• Meet with stakeholders regularly to assess needs and requirements at a departmental level
• Conduct vulnerability assessments of departmental systems and networks to identify deviations from acceptable configurations or policies
• Monitor the corrective actions of departmental system audits; draft documentation of Plan of Action and Milestones (POAM) for review
• Obtain certification and accreditation for departmental systems through the creation of process documentation support; may assist with unit or University wide process documentation
• Participate in the establishment of program control processes to ensure risk mitigation
• Perform periodic audits of departmental systems under general supervision
• Participate in the implementation of required policies, procedures, and configurations; make recommendations for improvements
• Participate in the preparation of requirements and procedures for forensic preservation
• Research and stay current on industry best practices
• Lead risk assessments and provide recommendations for system, network, and application design, implementation, and operation of unit-wide systems
• Lead vulnerability assessments of unit-wide systems and networks to identify deviations from acceptable configurations or policies; conduct assessments of non-standard systems
• Monitor the corrective actions of unit-wide system audits; develop and manage Plan of Action and Milestones (POAM)
• Meet with stakeholders regularly to assess needs and requirements at a unit-wide level
• Obtain certification and accreditation through the creation of process documentation; develop unit or University-wide process documentation
• Establish program control processes to ensure risk mitigation
• Perform periodic audits of systems
• Implement required policies, procedures, and configurations; make recommendations for improvements
• Develop requirements and procedures for forensic preservation
• Assist in the development of policy, process, and standards of Cyber Incident Response Team (CIRT) program and participate in CIRT activities as needed
• Assist in the development and delivery of information security training material
• May interface with external entities including law enforcement and intelligence/government agencies
• May provide guidance to lower level Analysts

Benefits

• Penn State provides a competitive benefits package for full-time employees designed to support both personal and professional well-being.
• In addition to comprehensive medical, dental, and vision coverage, employees enjoy robust retirement plans and substantial paid time off which includes holidays, vacation and sick time.
• One of the standout benefits is the generous 75% tuition discount, available to employees as well as eligible spouses and children.