Job Description

Are you interested in being part of a forward thinking Cybersecurity program?

Are you inquisitive and analytical with expertise in Cybersecurity Governance, Risk, and Compliance?

If so, we 're looking for someone like you to join our team at APL.

We are seeking a Supervisor for our Governance, Risk, and Compliance (GRC) section to provide vision, direction, and leadership for cybersecurity oversight and maintenance of Federal Information Systems Management Act (FISMA) compliant security programs supervise a team of cybersecurity analysts in a matrix organization partnering with cyber architecture & engineering, cyber hunt & incident response, and operational cyber research.

As a cybersecurity subject matter expert, you will support innovation and digital transformation across the Laboratory. Manage our enterprise Vulnerability Management program and proactively identify and lead opportunities to reduce vulnerabilities across IT systems and emerging platforms like cloud and Internet of Things. Use your comprehensive understanding of evolving tactics, techniques, and procedures used by Nation State adversaries to assess and determine risk to the organization. Work with IT compliance stakeholders to assess risks and provide relevant technical guidance in order for stakeholders to make effective decisions.

As the Supervisor for our Governance, Risk, and Compliance (GRC) section you will...

• Maintain formalized IT Governance framework for APL's unclassified network. Review existing IT compliance controls for regulatory updates and perform necessary gap analysis create and participate in various internal and external audit and compliance activities. Monitor compliance with and develop organizational security policies and procedures for compliance with FISMA and NIST 800-53, NIST 800-171, HIPAA, as well as developing and evolving government regulations. Review and provide input on contracts for compliance. Create and maintain Systems Security Plans and document monitor and report on status of POA&M items. Present briefings to senior management.
• Develop and enhance processes, work flows, and documentation for monitoring compliance and privacy requirements.
• Participate in project and cross-functional security teams requiring interaction with system administrators, networking staff, application developers, IT operations staff, and cyber research and development areas within the organization in order to identify and implement information assurance controls and risk mitigation techniques for IT operations.
• Work effectively with all levels of management and staff and participate in project and cross-functional security teams within the organization in order to identify and implement information assurance controls and risk mitigation techniques for IT operations and evolve cyber security awareness and training programs. Work with internal, industry and third party IT security partners to stay current on industry trends, controls and security technologies and services. Collaborate with other organizations to maintain knowledge and leverage best practices. Provide routine reporting on goals and objectives to management.
• Establish strong relationships with staff, improve morale, conduct coaching, promote career growth, manage performance, and participate in recruiting and other line supervision activities as a member of the department 's extended management team.

You meet our minimum requirements if you...

• Hold a Bachelor 's degree in Information Systems, Computer Science, Cybersecurity or equivalent years of relevant professional IT work experience.
• Have 7 or more years of hands-on operational IT cybersecurity experience.
• Have an understanding of attack methodologies used by Nation State actors and the ATT&CK matrix to effectively assess risk with applied knowledge of NIST 800-53, NIST 800-171, and HIPAA regulations
• Have experience running vulnerability analysis tools, like Nessus, Qualys, or Rapid7
• Have experience with data analysis using tools like, Splunk, ELK, or SQL
• Have experience in assessing cloud technologies such as Amazon Web Services or Microsoft Azure
• Have 5 or more years in management/supervision in an operational cybersecurity role
• Are able to self-direct and work independently as necessary
• Possess exceptional analytical and problem-solving skills
• Are an articulate and effective communicator with the ability to engage all levels of staff and management
• Possess a proven track record of successfully leading, coaching, and motivating direct reports in solving complex problems
• Are able to obtain and maintain a Secret level security clearance. If selected, you will be subject to a government security clearance investigation and must meet the requirements for access to classified information. Eligibility requirements include U.S. citizenship.
• Can demonstrate that you are fully vaccinated against COVID-19. To ensure the safety and well-being of the community, APL has established a policy requiring that all staff be vaccinated against COVID-19. All staff members must provide proof of full vaccination or have an approved medical or religious accommodation by their start date.

You go above and beyond our minimum requirements if you...

• Hold a Master's degree in Information Systems, Computer Science, or related field
• Have experience with supporting cybersecurity operation center processes and tools
• Have experience running IT projects involving at least 10 people
• Possess certifications such as CISSP, CISSP-ISSEP, or SANS GIAC Security Essentials
• Have extensive experience in cloud technologies such as Amazon Web Services or Microsoft Azure

Why work at APL?
The Johns Hopkins University Applied Physics Laboratory (APL) brings world-class expertise to our nation's most critical defense, security, space and science challenges. While we are dedicated to solving complex challenges and pioneering new technologies, what makes us truly outstanding is our culture. We offer a vibrant, welcoming atmosphere where you can bring your authentic self to work, continue to grow, and build strong connections with inspiring teammates.

At APL, we celebrate our differences and encourage creativity and bold, new ideas. Our employees enjoy generous benefits, including a robust education assistance program, unparalleled retirement contributions, and a healthy work/life balance. APL's campus is located in the Baltimore-Washington metro area. Learn more about our career opportunities at http://www.jhuapl.edu/careers.

APL is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, creed, color, religion, sex, gender identity or expression, sexual orientation, national origin, age, physical or mental disability, genetic information, veteran status, occupation, marital or familial status, political opinion, personal appearance, or any other characteristic protected by applicable law. APL is committed to promoting an innovative environment that embraces diversity, encourages creativity, and supports inclusion of new ideas. In doing so, we are committed to providing reasonable accommodation to individuals of all abilities, including those with disabilities. If you require a reasonable accommodation to participate in any part of the hiring process, please contact Accommodations@jhuapl.edu. Only by ensuring that everyone’s voice is heard are we empowered to be bold, do great things, and make the world a better place.

*Please mention you saw this ad on AcademicJobs.*

Apply Now