GTRI Careers

Overview:

The Georgia Tech Research Institute (GTRI) is the nonprofit, applied research division of the Georgia Institute of Technology (Georgia Tech). Founded in 1934 as the Engineering Experiment Station, GTRI has grown to more than 2,900 employees, supporting eight laboratories in over 20 locations around the country and performing more than $940 million of problem-solving research annually for government and industry. GTRI's renowned researchers combine science, engineering, economics, policy, and technical expertise to solve complex problems for the U.S. federal government, state, and industry.   

Georgia Tech's Mission and Values

Georgia Tech's mission is to develop leaders who advance technology and improve the human condition. The Institute has nine key values that are foundational to everything we do: 

1. Students are our top priority.
2. We strive for excellence.
3. We thrive on diversity.
4. We celebrate collaboration.
5. We champion innovation.
6. We safeguard freedom of inquiry and expression.
7. We nurture the wellbeing of our community.
8. We act ethically.
9. We are responsible stewards.

Over the next decade, Georgia Tech will become an example of inclusive innovation, a leading technological research university of unmatched scale, relentlessly committed to serving the public good; breaking new ground in addressing the biggest local, national, and global challenges and opportunities of our time; making technology broadly accessible; and developing exceptional, principled leaders from all backgrounds ready to produce novel ideas and create solutions with real human impact.

Project/Unit Description

Cyber Security Division (CSD) is responsible for maintaining the overall security posture of classified systems at GTRI. CSD partners with government agencies to provide support for system accreditation and authorization to process classified information including Collateral, Special Access Programs (SAP) and Sensitive Compartmented Information. In addition, CSD handles Communication Security (COMSEC) to ensure information is transmitted in a secure manner and in compliance with government regulations.

Job Purpose

ISSM is a contractually recognized role described in the National Industrial Security Program Operating Manual. Oversee the development, implementation, and evaluation of the GTRI Information Systems Program, including insider threat awareness, for facility management, Information Systems personnel, users, and others, as appropriate. Develop, document, and monitor compliance with and reporting of the GTRI Information Security program in accordance with Cognizant Security Agency (CSA)-provided guidelines for management, operational, and technical controls. Conduct self-inspections and implement corrective actions for all identified findings and vulnerabilities. Serve as the principal advisor on all matters, technical and otherwise, involving the security of classified systems at GTRI. Coordinate and manage GTRI activities related to classified information systems requirements, assessment and authorization of classified information, classified information systems configuration management, and project management for the life cycle of classified information systems. Advise GTRI senior management and execute GTRI’s overall strategy for enterprise classified networks and systems to support GTRI’s current and future contractual requirements. Research policies and regulations, interact with various agencies and levels of management, and contribute to establishing and maintaining accredited information systems to support GTRI contracts with the U.S. Government. Research system vulnerabilities and threats to stay on top of the continuous threat against accredited information systems and networks. The Field Office ISSM is also the Assistant Facility Security Officer (AFSO) to assist the full-time Facility Security Officer (FSO) to ensure compliance with governmental regulations within the National Industrial Security Program Operating Manual (NISPOM), Intelligence Community Directives (ICD), Department of Defense (DoD) 5205.07, Volumes 1-4 and National Security Agency/Central Security Service (NSA/CSS) Policy Manual 3-16 and other regulations related to safeguarding and processing of classified information. Familiarize and execute requirements within the NISPOM incorporating Change 2, for the management of Personnel Security, Physical and Environmental protection, Incident Handling, and Security Training and Awareness.

Key Responsibilities

• Coordinate and manage the GTRI FO activities related to classified information systems requirements, assessment and authorization of classified information, classified information systems configuration management, and project management for the life cycle of classified information systems.
• Develop, maintain, and oversee policies, processes and procedures for the classified Information Systems (IS) security program for the Field Office
• Responsible for analyzing network security systems and/or information systems. Safeguard networks against unauthorized modification, destruction, or disclosure.
• Research, evaluate, design, test, recommend, communicate, and implement new security software or devices.
• Implement, enforce, communicate, and develop network or other information security policies or security plans for data, software applications, hardware, telecommunications, and computer installations.
• Interpret, research, and formalize Cyber Security policies, concepts, and measures when designing, procuring, adopting, and developing new IS to ensure compliance with Government policies, guidance, and orders.
• Research and advise Information Technology (IT) staff of technical security safeguards and operational security measures and provide technical support in implementing security controls.
• Perform examination and quality control inspections on Information Systems Security protections and safeguards to ensure compliance to Government requirements and standards.
• Define system security requirements, design system security architecture and develop detailed security designs. - Assess information protection effectiveness and plan and manage technical efforts.
• Manage system security requirements for GTRI’s accredited information systems and assure continuous system compliance. - Establish strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems. This includes process support, analysis support, coordination support, security certification test support, security documentation support, investigations, software research, hardware introduction and release, emerging technology research inspections and periodic audits.
• Responsible maintaining operational security posture for systems by enforcing established security policies, procedures, and standards.
• Work with Government security cognizant agencies to identify and manage security findings, risks and mitigations in Plan of Action and Milestones (POA&M).
• Perform continuous monitoring activities including system security audits and vulnerability scanning and remediation. Periodically conduct of a review of each system's audits and monitor corrective actions until all actions are closed.
• Ensure Configuration Management (CM) of all associated software, hardware, and security relevant functions
• Lead incident response process to include document and report to appropriate authority
• Research policies and regulations, interact with various agencies and levels of management, and contribute to establishing and maintaining accredited information systems
• Research system vulnerabilities and threats to stay on top of the continuous threat against accredited systems
• Prepare for and participate in self-inspection and Government security vulnerability assessments. Support the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports.
• Serve as the secondary point of contact for all industrial security concerns.
• Assist the FSO to manage and support the GTRI Field Office classified security programs.
• Assist the FSO to develop and administer security education, training, and awareness programs for both cleared and non-cleared personnel.
• Assist the FSO to maintain visitor control program.

Required Minimum Qualifications

• Must be able to obtain or have a current Secret security clearance
• Must possess or be able to obtain CISSP, Security+ and/or other applicable certifications within six months of hire in compliance with DoD Directive 8140/8570, IAM Level II/III baseline certification requirements.
• Have experience with RMF, NIST 800, NISPOM and DAAPM
• Experience with information systems Incident Response Team
• Experience identifying system vulnerabilities and implementing mitigation strategies
• Experience working with accredited U.S. government networks such as NIPRNET or SIPRNet

Preferred Qualifications

• Active Top Secret Clearance
• IAM Level III compliance with CISSP
• Experience in an environment and culture steeped in teamwork and collaboration working on challenging technical projects
• Experience working with eMASS
• Experience with NIPRNet/SIPRNet accreditation process

Travel Requirements

10% - 25% travel

Education and Length of Experience

This position vacancy is an open-rank announcement. The final job offer will be dependent on candidate qualifications in alignment with Research Faculty Extension Professional ranks as outlined in section 3.2.1 of the Georgia Tech Faculty Handbook

• 2 years of related experience with a Bachelor’s degree in Computer Engineering, Electrical Engineering, Computer Science, Information Assurance, Information Security, Cybersecurity or related fields.
• 0 years of related experience with a Masters’ degree in Computer Engineering, Electrical Engineering, Computer Science, Information Assurance, Information Security, Cybersecurity or related fields.

U.S. Citizenship Requirements

Due to our research contracts with the U.S. federal government, candidates for this position must be U.S. Citizens.

Clearance Type Required

Candidates must be able to obtain and maintain an active security clearance.

Benefits at GTRI

Comprehensive information on currently offered GTRI benefits, including Health & Welfare, Retirement Plans, Tuition Reimbursement, Time Off, and Professional Development, can be found through this link: https://hr.gatech.edu/benefits

The Georgia Institute of Technology (Georgia Tech) is an Equal Employment Opportunity Employer. The University is committed to maintaining a fair and respectful environment for all. To that end, and in accordance with federal and state law, Board of Regents policy, and University policy, Georgia Tech provides equal opportunity to all faculty, staff, students, and all other members of the Georgia Tech community, including applicants for admission and/or employment, contractors, volunteers, and participants in institutional programs, activities, or services.  Georgia Tech complies with all applicable laws and regulations governing equal opportunity in the workplace and in educational activities.

Georgia Tech prohibits discrimination, including discriminatory harassment, on the basis of race, ethnicity, ancestry, color, religion, sex (including pregnancy), sexual orientation, gender identity, gender expression, national origin, age, disability, genetics, or veteran status in its programs, activities, employment, and admissions.  This prohibition applies to faculty, staff, students, and all other members of the Georgia Tech community, including affiliates, invitees, and guests. Further, Georgia Tech prohibits citizenship status, immigration status, and national origin discrimination in hiring, firing, and recruitment, except where such restrictions are required in order to comply with law, regulation, executive order, or Attorney General directive, or where they are required by Federal, State, or local government contract.

All members of the USG community must adhere to the USG Statement of Core Values, which consists of Integrity, Excellence, Accountability, and Respect. These values shape and fundamentally support our University's work. Additionally, all faculty, staff, and administrators must also be aware of and comply with the Board of Regents and Georgia Institute of Technology's policies on Freedom of Expression and Academic Freedom. More information on these policies can be found here: Board of Regents Policy Manual | University System of Georgia (usg.edu).