Cyber Security Systems Engineer

• CURRENT PENN STATE EMPLOYEE (faculty, staff, technical service, or student), please login to Workday to complete the internal application process. Please do not apply here, apply internally through Workday.
• CURRENT PENN STATE STUDENT (not employed previously at the university) and seeking employment with Penn State, please login to Workday to complete the student application process. Please do not apply here, apply internally through Workday.
• If you are NOT a current employee or student, please click "Apply" and complete the application process for external applicants.

Approval of remote and hybrid work is not guaranteed regardless of work location.For additional information on remote work at Penn State, seeNotice to Out of State Applicants.

POSITION SPECIFICS

We are searching for a self-motivated Cyber Security Engineer to join our Joint Mission Integration and Experimentation Division within the Information Advantage Office of the Applied Research Laboratory (ARL) at Penn State. The JMIE Division provides special communications capabilities and experimentation networks supporting: Advance command and control across the Department of War; Cross domain solutions to support data transfer across experimental networks and impact levels; Advanced computer tactical systems that deliver edge data processing and machine automation.

ARL is an authorized DoD SkillBridge partner and welcomes all transitioning military members to apply.

You will:

• Define, communicate, and implement cybersecurity architecture and administration processes for cloud environments across multiple network domains
• Collaborate across our cloud infrastructure delivery team and with stakeholders using an Agile process to ensure design, implementation, verification, and continuous monitoring of cloud solutions across multiple domains
• Develop Risk Management Framework (RMF) Body of Evidence artifacts, including system security plans and cybersecurity concept of operations documents operating within Cloud environments in alignment with existing RMF packages
• Apply secure software engineering methodologies, security engineering principles, secure design and secure coding techniques along with the control selection, configuration and operation of applicable tools, including static analysis and dynamic analysis together with supporting processes. This includes testing of the system security requirements implementation across infrastructure to ensure security control validation as well as functionality
• Perform application security assessments in a DevSecOps continuous integration and continuous deployment (CI/CD) environment in support of client cybersecurity efforts
• Perform activities, including assessment planning, analysis, and reporting
• Employs best practices when implementing security controls, secure architecture and design to include software engineering methodologies, security engineering principles, secure design and secure coding techniques along with the control selection, configuration and operation of applicable tools, including static analysis and dynamic analysis together with supporting processes. This includes testing of the system security requirements implementation across infrastructure to ensure security control validation as well as functionality
• Responsible for the coordination, generation and oversite of RMF documentation for the successful accreditation of multiple cloud environments including the Cyber Security Strategy and Continuous Monitoring Plans as well as overall program lifecycle RMF requirements to include but not be limited to patch management, supply chain, change and defect management
• Mentor and supervise team members, as needed

Additional responsibilities for higher level position includes:

• Interface with Information System Security Officers (ISSO) and Information System Security Managers (ISSM), including reviewing documentation, systems security plans (SSPs), risk assessment reports, accreditation packages, and Plan of Actions and Milestones (POA&Ms)
• Work independently to develop RMF A&A documentation and artifacts to obtain RMF Authority to Operate (ATO)

Required skills/experience areas include:

• Multiple years of experience with developing Risk Management Framework (RMF) products and working through system accreditations to ensure RMF implementation across multiple environments
• Experience in security focused system design that can be scalable across multiple domains while accounting for security requirements across multiple system architectures
• Background providing subject matter expertise in a cyber domain, including vulnerability management and assessment, scanning tools, and assessing system compliance with security controls
• Versed in reviewing policy, planning compelling evidence documents, and writing test results for NIST 800-53 / JSIG Security Controls and Assessment Procedures
• Active TS/SCI security clearance

Preferred skills/experience areas include:

• Delivering configuration management (CM) for information system security software, hardware, and firmware
• Past experience as a System or Network Administrator
• Work experience with Windows and Linux environments
• Ability to analyzing technical and policy documentation for DoD organizations
• Developing training materials in compliance with DoD or DON RMF process training
• Experience with eMASS, ACAS and applying STIGs
• Governance, Risk, and Compliance (GRC), CISM, CCISO, CISSP, GIAC, GSLC, or CASP+ Certification

Your working location will be onsite in San Diego, CA. Questions related to flexible work should be directed to the hiring manager during the interview process.

This position will require periodic travel to local and remote locations in support of testing and evaluation

MINIMUM EDUCATION, WORK EXPERIENCE & REQUIRED CERTIFICATIONS

BACKGROUND CHECKS/CLEARANCES

SALARY & BENEFITS

Salary Structure - Information on Penn State's salary structure

Penn State provides a competitive benefits package for full-time employees designed to support both personal and professional well-being. In addition to comprehensive medical, dental, and vision coverage, employees enjoy robust retirement plans and substantial paid time off which includes holidays, vacation and sick time. One of the standout benefits is the generous 75% tuition discount, available to employees as well as eligible spouses and children. For more detailed information, please visit our Benefits Page.

CAMPUS SECURITY CRIME STATISTICS

Pursuant to the Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act and the Pennsylvania Act of 1988, Penn State publishes a combined Annual Security and Annual Fire Safety Report (ASR). The ASR includes crime statistics and institutional policies concerning campus security, such as those concerning alcohol and drug use, crime prevention, the reporting of crimes, sexual assault, and other matters. The ASR is available for review here.

EEO IS THE LAW

Penn State is an equal opportunity employer and is committed to providing employment opportunities to all qualified applicants without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. If you are unable to use our online application process due to an impairment or disability, please contact 814-865-1473.

Federal Contractors Labor Law Poster

PA State Labor Law Poster

Penn State Policies

Copyright Information

Hotlines