Job no: 502095 Position type: Full-Time 12-Month Department: 193000 - HPC2 Location: Main Campus - Starkville, MS Categories: Professional Position Open Date: Feb 25 2021
The Information Security Manager is responsible for developing, coordinating and executing the cybersecurity activities for the Mississippi State University (MSU) High Performance Computing Collaboratory (HPC2) and its affiliated research centers/institutes. This position will provide subject matter expertise in cyber risk management oversight, direction, and advisory services aligned with federal contracts and NIST standards to the units with the focus on their research mission. The position works proactively to prevent security incidents and responds to information security incidents should they occur. The Information Security Manager should have a thorough understanding of cybersecurity tactics, techniques and procedures, with the experience and expertise to apply them to IT systems, networks and operational technology. Applicants selected will be subject to a government security investigation and must meet eligibility for access to classified information. Must be a U.S Citizen or Permanent Resident.
1. Develop and implement information system security plans, policies and procedures for maintaining properly accredited information technology systems. 2. Ensure all systems, services, applications, and databases are current and compliant with the latest security standards. Perform penetration testing and vulnerability scanning across all operating systems, applications, databases, and services. Develop, test, and maintain security breach response plans. Also, identify and implement resolutions for any vulnerabilities or weaknesses discovered. This may require coordination between multiple individuals, groups, departments, or entities. 3. Monitors, evaluates, and reports on the status and condition of the information system's security programs, controls, and implementation, and directs corrective actions to eliminate or reduce risks through in-depth analysis of systems development plans to ensure that security requirements and specifications are adequately defined and that security features are sufficiently rigorous to protect systems throughout the systems life cycle. 4. Conduct risk assessments of the information technology environment. 5. Develop security breach and incident response plans in accordance with applicable industry, university, state and federal security standards. Execute response plans in event of breach or incident. 6. Investigate information system security incidents to determine the cause and extent of security incidents, as well as recommend and implement corrective actions to eliminate or reduce security risks. 7. Collaborates with external and internal audit agencies to perform information systems certification. 8. Manage and refine all security appliances to include network-based intrusion detection and host-based intrusion detection systems. 9. Maintain records and prepare reports providing insight into and measuring the effectiveness of the information system's security posture. 10. Supports all technical aspects of security controls for a large-scale environment that develops and services public-facing web applications. 11. Lead and manage matrixed teams for accomplishing major security operations. 12. Performs other duties as assigned.
Supervisory Responsibilities: Full supervisory responsibility for other employees is a major responsibility and includes training, evaluating, and making or recommending pay, promotion, or other employment decisions.
The above essential duties are representative of major duties in this position. Specific duties and responsibilities may vary based upon departmental needs. Other duties may be assigned to the above consistent with the knowledge, skills and abilities required for the job. Not all of the duties may be assigned to a position.
Bachelor's degree in computer science, business information systems, or related field and Five (5) years of experience directly related to the duties and responsibilities specified
Substitutions: Indicated education is required; no substitutions allowed.
Supervisory experience with small teams of full-time employees. Formal cyber security training from a university certified as a Center of Academic Excellence in Information Assurance Education and Research. Experience with cloud-based information technology solutions. Certified Information Systems Security Professional (CISSP) or similar certification. Experience with network security technologies such as network vulnerability scanning, intrusion detection systems, and penetration testing. Experience with industry standard baseline security standards and methodologies such as CIS, STIGs, or NIST CSF. Cybersecurity experience in a large, diverse IT environment
Knowledge, Skills, and Abilities:
Strong written and oral communication skills. Demonstrated ability to understand and document software business rules and requirements using diagrams, written use cases, and user stories. Ability to lead and supervise small teams. Strong organization skills and the ability to self-direct efforts to complete documentation requirements. Ability to use Microsoft products (Word, Excel, Power Point). Applicants selected will be subject to a government security investigation and must meet eligibility for access to classified information. Must be a U.S Citizen or Permanent Resident.
Working Conditions and Physical Effort
* No unusual physical requirements. Requires limited lifting of files and records and nearly all work is performed in a comfortable indoor facility. * Frequent external imposed deadlines; set and revised beyond one's control; interruptions influence priorities; difficult to anticipate nature or volume of work with certainty beyond a few days; meeting of deadlines and coordination of unrelated activities are key to position; involves conflict-resolution or similar interactions involving emotional issues or stress on a regular basis. * Job frequently requires walking, sitting, reaching, talking, hearing, handling objects with hands.
Apply online by submitting a cover letter, resume, and a copy of your transcript(s). Any social security numbers included on requested transcripts should be redacted prior to submitting online. Contact Crisler Herndon at firstname.lastname@example.org with any questions.
Position is contingent upon funding availability.
Equal Employment Opportunity Statement:
MSU is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, ethnicity, sex, religion, national origin, disability, age, sexual orientation, genetic information, pregnancy, gender identity, status as a U.S. veteran, and/or any other status protected by applicable law. We always welcome nominations and applications from women, members of any minority group, and others who share our passion for building a diverse community that reflects the diversity in our student population.
Internal Number: 502095
About Mississippi State University
Mississippi State University represents the highest level of research activity for doctorate-granting institutions and is designated by the Carnegie Foundation as an R1-Very High Research Activity University. Also, a National Science Foundation “Top 100” research University, MSU shelters a chapter of Phi Beta Kappa, the nation’s oldest and most prestigious honor society, and values the talents of our distinguished faculty, staff, and student scholars. Here, a culture of inclusion is fostered and we’re driven each day to make a difference at the local, state, regional, national and global levels. At Mississippi State University we invite you to join us as we continue our momentum in research, teaching, and service.
To apply, please go to http://explore.msujobs.msstate.edu/