Information Systems Security Manager

About The Position

Requirements

• Current eligibility for access to classified information at the Top-Secret level or higher and may be subject to a government background investigation to upgrade clearance eligibility, if required
• Assessment and authorization of systems and networks using CMMC and RMF NIST/ISO standards (e.g. 800-53 and 800-171), Department of Defense directives, DISA STIG, and regulatory requirements
• Strong technical background with significant experience using multiple operating systems, such as Windows and Linux
• Policy, procedure, plan of action and milestone, risk assessment, and security plan development with experience monitoring for compliance
• Working knowledge of system functions, security policies, technical security safeguards, and operational security measures
• Management or leadership experience in the information technology and security space
• The ability to certify and maintain information security related certifications (eg. Security+ and CISSP)
• Success in an office environment, where various forms of communication and organizational skills were crucial to be effective
• Previous success with collaborations in a multi-disciplinary, team-oriented culture
• Aptitude to work independently, as well as in diverse teams across multiple disciplines in the Lab
• Bachelor's Degree
• 8+ years of relevant experience, includes 3+ years of supervisory experience; or an equivalent combination of education and experience accepted

Nice To Haves

• A Bachelor’s degree in Information Security, Information Technology, or Computer Science
• Vulnerability scanning and mitigation utilizing Nessus, Retina, GFI Languard, or a similar tool
• Networking fundamentals, including various concepts, tools, and administrative functions
• SEIM management or use for analysis, such as Splunk, ELK, or Alienvault
• VMWare and management of Virtual Machines
• Training material development

Responsibilities

• Lead a team of cybersecurity professionals, to include hiring, professional development, and performance management
• Develop, validate, submit, and maintain information system security plans, certification and authorization packages, and plans of action and milestones in support of compliance requirements
• Develop and maintain security documentation
• Oversee development and implementation of risk assessments against information systems in all phases
• Monitor and assist in the assessment and review of current and new systems and networks to ensure compliance with current cybersecurity policies, concepts, and measures
• Develop training material related to compliance and audit requirements to assist employees in individual compliance/audits
• Assist in technical responsibilities, including vulnerability scanning, review of security/event logs, network analysis, and incident response as-needed
• Ensure cyber requirements are effectively and efficiently communicated to operational and research leadership to ensure integration into respective team processes

Benefits

• Penn State provides a competitive benefits package for full-time employees designed to support both personal and professional well-being.
• In addition to comprehensive medical, dental, and vision coverage, employees enjoy robust retirement plans and substantial paid time off which includes holidays, vacation and sick time.
• One of the standout benefits is the generous 75% tuition discount, available to employees as well as eligible spouses and children.