Cyber Information Assurance Analyst Internship at the Applied Research Lab (ARL) at Penn State

The Cyber Information Assurance Analyst proactively evaluates the system and network enterprise environments and uses technical knowledge and analytical skill to determine the optimum mix of technology, policy, procedures, and education to implement effective cyber security programs and strategies; determines security controls, configurations, procedures, and policies based off industrial standards, best practices, University, federal, and state regulations, and contractual requirements; establishes and manages program control processes and compliance assessments to determine deviations from acceptable configurations, policy, or standards; assists with the identification and mitigation of risk posed to the confidentially, integrity, and availability of information systems.

ABOUT THE JOB

• Conduct risk assessments and provide recommendations for system, network, and application design, implementation, and operation of departmental systems• Conduct vulnerability assessments of departmental systems and networks to identify deviations from acceptable configurations or policies• Meet with stakeholders regularly to assess needs and requirements at a departmental level• Conduct vulnerability assessments of departmental systems and networks to identify deviations from acceptable configurations or policies• Monitor the corrective actions of departmental system audits; draft documentation of Plan of Action and Milestones (POAM) for review• Obtain certification and accreditation for departmental systems through the creation of process documentation support; may assist with unit or University wide process documentation• Participate in the establishment of program control processes to ensure risk mitigation• Perform periodic audits of departmental systems under general supervision• Participate in the implementation of required policies, procedures, and configurations; make recommendations for improvements• Participate in the preparation of requirements and procedures for forensic preservation• Research and stay current on industry best practices

RESPONSIBILITIES

• Conduct risk assessments and provide recommendations for system, network, and application design, implementation, and operation of departmental systems
• Conduct vulnerability assessments of departmental systems and networks to identify deviations from acceptable configurations or policies
• Meet with stakeholders regularly to assess needs and requirements at a departmental level
• Monitor the corrective actions of departmental system audits; draft documentation of Plan of Action and Milestones (POAM) for review
• Obtain certification and accreditation for departmental systems through the creation of process documentation support; may assist with unit or University wide process documentation
• Participate in the establishment of program control processes to ensure risk mitigation
• Perform periodic audits of departmental systems under general supervision
• Participate in the implementation of required policies, procedures, and configurations; make recommendations for improvements
• Participate in the preparation of requirements and procedures for forensic preservation
• Research and stay current on industry best practices

QUALIFICATIONS

• Minimally requires an Associate’s degree
• A Bachelors' degree in Information Technology, Cybersecurity or related field is preferred
• Knowledge of Windows and Linux OS
• Understand CI/CD pipeline
• Experience reviewing hardware and software vulnerabilities
• Working knowledge of DoD Risk Management Framework (RMF)
• Understand and enforce policies and procedures within classified space
• Ability to effectively communicate and work in team environment
• Experience with Assured Compliance Assessment Solution (ACAS) and Security Technical Implementation Guide (STIG)
• Ability to multitask multiple programs at one time
• Active Security Clearance
• Ability to obtain Security+, CAP, GSEC or equivalent

ADDITIONAL ELIGIBILITY

OTHER ELIGIBILITY FACTORS (REQUIREMENTS): This position can be filled at multiple levels depending on the successful candidate’s education, and experience. Minimally requires an Associate’s degree. A Bachelors' degree in Information Technology, Cybersecurity or related field is preferred. Other requirements include:• Knowledge of Windows and Linux OS• Understand CI/CD pipeline• Experience reviewing hardware and software vulnerabilities• Working knowledge of DoD Risk Management Framework (RMF)• Understand and enforce policies and procedures within classified space• Ability to effectively communicate and work in team environment• Experience with Assured Compliance Assessment Solution (ACAS) and Security Technical Implementation Guide (STIG).• Ability to multitask multiple programs at one time.• Active Security Clearance• Ability to obtain Security+, CAP, GSEC or equivalentYou will be subject to a government security investigation and will be required to obtain and maintain a TS/SCI clearance. You must be a U.S. citizen to apply. Employment with ARL will require successful completion of a pre-employment drug screen.

OTHER

If you are interested in being considered for this SkillBridge Internship opportunity at Penn State University, please complete this interest form for service members: https://forms.office.com/r/SMbv7jfM05