Job Description

This is a full time opportunity with GTRIs Research Security in the Paxtuxent River Field Office. The position is for an Information Systems Security Manager (ISSM) who has interest in intellectually challenging and rewarding work. This position will also perform the ISSM role for our Arlington Field Office. The ISSM is responsible for managing all information system security requirements for GTRIs information systems and assuring continuous system compliance. The successful candidate will have the ability to learn the knowledge and expertise required to manage all security aspects of information systems across several domains and oversee the day-to-day security operations of each system, associated media and networks. Research will be conducted by the ISSM to stay on top of the continuous threat against our systems. The ISSM is the on-site lead for monitoring information systems and maintaining the environment of operation to include developing and updating System Security Plans (SSP) in accordance with Risk Management Framework (RMF). The successful candidate will also be the Assistant Facility Security Officer (AFSO) to assist the full-time Facility Security Officer (FSO) to ensure compliance with governmental regulations within the National Industrial Security Program Operating Manual (NISPOM), Intelligence Community Directives (ICD) 503, 701, 704 and 705, Department of Defense (DoD) 5205.07, Volumes 1-4 and National Security Agency/Central Security Service (NSA/CSS) Policy Manual 3-16 and other regulations related to safeguarding and processing of classified information. The candidate must be able to familiarize and execute requirements within the NISPOM incorporating Change 2, for the management of Personnel Security, Physical and Environmental protection, Incident handling, and Security training and awareness. The successful candidate also provides technical assistance to include the support of unclassified networks, possibility of the support project work, and additional duties as required.

We value bright, intellectually curious, growth oriented professionals and provide a work environment that allows work / life balance and opportunity for growth.

Job Duties:

This position is for the ISSM and AFSO primarily for Paxtuxent Reiver Field Office. The position will also hold the ISSM role for our Arlington Field Office. Duties include but not limited to:

• Managing all information system security requirements for GTRIs information systems and assuring continuous system compliance
• Researching system vulnerabilities, threats and government regulations, policies and guidance to stay on top of the continuous threat against our systems
• Being the on-site lead for monitoring information systems and maintaining the environment of operation to include developing and updating System Security Plans in accordance with Risk Management Framework (RMF);
• Ensuring Configuration Management (CM) of all associated hardware, software, and security-relevant functions; identifying security deficiencies/discrepancies and providing recommendations for solutions; tracking findings within Plan of Action and Milestones (POA&M) through mitigation and risk acceptance; conducting scheduled audits and managing audit data; leading incident response processes; reporting security incidents and preparing security incident reports; preparing for and participating in self-inspection and Defense Counterintelligence and Security Agency (DCSA) and other Government Agencies security vulnerability assessments, and assessing the security impact of security and non-security-relevant changes.
• Researching and interpreting government regulations such as NISPOM, DCSA Assessment and Authorization Process Manual (DAAPM), and Joint Special Access Program Implementation Guide (JSIG) to implement standard security practices at GTRI.
• Providing technical assistance to include the support of unclassified networks and the possibility of supporting project work.
• Working with Government security cognizant agencies to identify and manage security findings, risks and mitigations in Plan of Action and Milestones (POA&M)
• Educating end-users by providing formal training and support end-users during day-to-day operations as the cybersecurity Subject Matter Expert (SME)
• Performing continuous monitoring activities including system security audits and vulnerability scanning and remediation.
• Identifying security deficiencies/discrepancies, researching and implementing security solutions
• Leading incident response process to include document and report to appropriate authority
• Preparing for and participating in self-inspection and Government security vulnerability

The successful candidate will also be the AFSO to assist the full-time FSO to ensure compliance with governmental regulations within the NISPOM, Intelligence Community Directives 503, 701, 704 and 705, DoD 5205.07, Volumes 1-4 and NSA/CSS Policy Manual 3-16 and other regulations related to safeguarding and processing of classified information. The candidate must be able to familiarize and execute requirements within the NISPOM incorporating Change 2, for the management of Personnel Security, Physical and Environmental protection, Incident Handling, and Security training and awareness. The successful candidate also provides technical assistance to include the support of unclassified networks, the possibility of the support project work, and additional duties as required.

Travel Requirements

<10% travel

Education & Length of Experience

Research Associate I

• A Bachelor's degree in Computer Engineering, Electrical Engineering, Computer Science, Cyber Security or Information Assurance/Security or related fields.

Research Associate II

• A Masters degree in Computer Engineering, Electrical Engineering, Computer Science, Cyber Security or Information Assurance/Security or related fields and three (3) years of relevant full-time experience after completion of that degree,
• A Masters degree in Computer Engineering, Electrical Engineering, Computer Science, Cyber Security or Information Assurance/Security or related fields and five (5) years of relevant full-time experience after completion of a Bachelors degree, or
• A Doctoral degree in Computer Engineering, Electrical Engineering, Computer Science, Cyber Security or Information Assurance/Security or related fields.

Required Minimum Qualifications

• U.S. Citizen with the ability to obtain Secret security clearance within 6 months
• Bachelor degree in Computer Engineering, Electrical Engineering, Computer Science, or Information Assurance/Security or related fields.
• DoD Directive 8140/8570, Information Assurance Manager (IAM) Level II baseline certifications are required for this position within six months of hire. Must possess or be able to maintain a Certified Information Systems Security Professional (CISSP) or Security+ certification within six months of hiring.

Preferred Qualifications

• An active Secret Clearance
• IAM Level III compliance with CISSP

U.S. Citizenship Requirements

Due to our research contracts with the US federal government, candidates for this position are required to be US Citizens.

Clearance Type Required

Ability to obtain Secret Clearance upon hire

Diversity & Inclusion

Diversity & Inclusion (D&I) at Georgia Tech Research Institute aims to enhance the Institutes mission of solving the worlds most complex technical problems by creating a workforce with a shared appreciation for diversity, raising awareness around inclusiveness, and fostering a sense of belonging and appreciation for all members of our community.

Equal Employment Opportunity

Georgia Tech Research Institute is an Equal Opportunity Employer of individuals with disabilities and protected veterans and actively seeks diversity among its employees. Equal Employment Opportunity is the Law.