Information Cybersecurity Engineer (Mid/Senior Level) - ICD - Open Rank

  • 500621
  • Atlanta, Georgia
  • Cybersecurity
  • Researchers: Contract

Overview:

The Georgia Tech Research Institute (GTRI) is the nonprofit, applied research division of the Georgia Institute of Technology (Georgia Tech). Founded in 1934 as the Engineering Experiment Station, GTRI has grown to more than 2,900 employees, supporting eight laboratories in over 20 locations around the country and performing more than $940 million of problem-solving research annually for government and industry. GTRI's renowned researchers combine science, engineering, economics, policy, and technical expertise to solve complex problems for the U.S. federal government, state, and industry.   

Georgia Tech's Mission and Values

Georgia Tech's mission is to develop leaders who advance technology and improve the human condition. The Institute has nine key values that are foundational to everything we do: 

1. Students are our top priority.
2. We strive for excellence.
3. We thrive on diversity.
4. We celebrate collaboration.
5. We champion innovation.
6. We safeguard freedom of inquiry and expression.
7. We nurture the wellbeing of our community.
8. We act ethically.
9. We are responsible stewards.

Over the next decade, Georgia Tech will become an example of inclusive innovation, a leading technological research university of unmatched scale, relentlessly committed to serving the public good; breaking new ground in addressing the biggest local, national, and global challenges and opportunities of our time; making technology broadly accessible; and developing exceptional, principled leaders from all backgrounds ready to produce novel ideas and create solutions with real human impact.

Location

Atlanta, GA

Project/Unit Description

Intellectually challenging and rewarding work supporting the identification of potential and/or actual insider threat behaviors while supporting the Information & Cybersecurity Department, Information Security Operation Center (ISOC). We value bright, intellectually curious, growth-oriented professionals and provide a work environment that allows work / life balance and opportunity for growth.

Job Purpose

Requires extensive knowledge of computer operating systems, networks, log analysis and security tools.

Applies engineering principles to cybersecurity challenges.

Necessary skill areas: fundamentals of computer science, information analysis, testing software, log analysis, event correlation, anomaly detection, and behavioral analysis.

Defining cybersecurity controls for different systems and networks.

Creates novel cyber security technology components to ensure that critical systems/information are resilient to cyber exploits and attacks.

Performs attendant vulnerability assessments, analysis, and software engineering and design.

Ensures cybersecurity needs are established and maintained for operations, security requirements definition, security risk assessment, information systems analysis, information systems design, information systems hardening, configuration and maintenance of other security boundary devices (IDS/IPS, firewalls, perimeter routing), vulnerability scanning, incident response, disaster recovery, and operations continuity planning. Provides analytical support for security policy development and analysis.

Engineers, implements, and maintains Information Technology Infrastructure and associated cybersecurity controls.

Areas of responsibility include but are not limited to information security operations, cyber risk & intelligence, data loss & fraud protection, regulatory compliance, policy management and audits & assessment.

Key Responsibilities

  • Helps validate security control configurations on systems, ensuring all systems are configured to necessary controls, such as NIST, DFARS 252.204-7012, CMMC, and other similar requirements.
  • Performs day to day analysis of security threats.
  • Performs day to day remediation of security incidents.
  • Provides leadership to lower-level cybersecurity and IT professionals across the enterprise.

Additional Responsibilities

  • Assuring implementation of technical solutions supportive of institution information and Cybersecurity systems while identifying potential threatening behaviors through analysis of user compliance.
  • Supporting information security operations, Cyber risk & intelligence, data loss and fraud protection, regulatory compliance, policy management and audits and assessment.
  • Perform root cause analysis to identify and incorporate opportunities for continuous process improvement and future risk mitigation efforts. Comprehend the functionality of multiple technical tools and develop an understanding of collection techniques and methodologies. Recommend and develop requirements, specifications, design and procedures to satisfy security policy and planning. Understand and author analytical reports identifying technical and behavioral analysis identified through independent reviews using multiple technology solutions.
  • Ensures cybersecurity needs are established and maintained for operations, security requirements, security risk assessment, information systems analysis, information systems design, information systems hardening, configuration and maintenance of other security boundary devices and vulnerability scanning, incident response, disaster recovery, and operations continuity planning.
  • Provide analytical support for security policy development and analysis identifying countermeasures associated with responsibilities.
  • Engineer, implement, and maintain information technology solutions and associated Cybersecurity controls directly supporting the Insider Threat Program.
  • Directly support the Insider Threat Program and focus on operational collection methods while performing studies through analysis and provide decision support for potential program enhancements in direct support of guidance derived from contractual requirements outlined in 32 CFR Part 117, National Industrial Security Program Operating Manual (NISPOM), Executive Order (E.O.) 13587, and the National Insider Threat Task Force (NITTF) Maturity Guidelines.
  • Through the analytical and behavioral analysis collected through technological solutions, initiate response actions supporting daily operations and compliance to GTRI Information Systems and Cybersecurity policies.
  • Provides technical assistance to include the support of unclassified networks and additional duties as required.

Required Minimum Qualifications

  • Practical knowledge of security applications and technologies, as well as operating system platforms including Windows, Mac, Linux, and Networking technologies.
  • Previous experience with insider threat, reporting, processes and tools.
  • Hands on knowledge of insider threat tools (e.g., DTEX, Incydr, Gurucul, etc.) in complex or large organizations.
  • Technical background to understand the insider risk characteristics and exploitation vectors for insider risk.
  • Strong knowledge of data analytics. Experience with advanced Excel data manipulation and analysis including pivot tables, light macros, intermediate formulas.
  • Previous experience in analyzing data to present relevant metrics to remediation stakeholders and leadership.
  • Deep understanding of cybersecurity best practices and frameworks such as NIST 800-53/171, CMMC, RMF, MITRE ATT&CK Framework, and OWASP Top 10.
  • Insider Risk management expertise with ability to translate technical risks for business leaders.
  • Experience judging the priority of an insider threat based on risk and impact.
  • Excellent written and verbal communication skills.
  • One or more basic cybersecurity certifications such as: Security+, CEH, CND, CySA+, CCNA-Security or equivalent.

Preferred Qualifications

  • Active Secret clearance.
  • Master’s degree.
  • 9 years of insider threat experience.
  • Experience leading or managing an Insider Threat program.
  • One or more advanced cybersecurity certifications such as: CISSP, CISM, CISA, CASP, GEVA, CCNP-Security or equivalent.

Travel Requirements

<10% travel

Education and Length of Experience

Levels 3+4

This position vacancy is an open-rank announcement. The final job offer will be dependent on candidate qualifications in alignment with Research Faculty Extension Professional ranks as outlined in section 3.2.1 of the Georgia Tech Faculty Handbook.

  • 5 years of related experience with a Bachelor’s degree in Cybersecurity, Computer Engineering, Electrical Engineering, Computer Science, Information Assurance/Security, Business, or related fields.
  • 3 years of related experience with a Master’s degree in Cybersecurity, Computer Engineering, Electrical Engineering, Computer Science, Information Assurance/Security, Business, or related fields.
  • 0 years of related experience with a Ph.D. in Cybersecurity, Computer Engineering, Electrical Engineering, Computer Science, Information Assurance/Security, Business, or related fields.

U.S. Citizenship Requirements

Due to our research contracts with the U.S. federal government, candidates for this position must be U.S. Citizens.

Clearance Type Required

Candidates must be able to obtain and maintain an active security clearance.

Benefits at GTRI

Comprehensive information on currently offered GTRI benefits, including Health & Welfare, Retirement Plans, Tuition Reimbursement, Time Off, and Professional Development, can be found through this link: https://benefits.hr.gatech.edu/.

Equal Employment Opportunity

The Georgia Institute of Technology (Georgia Tech) is an Equal Employment Opportunity Employer. The Institute is committed to maintaining a fair and respectful environment for all. To that end, and in accordance with federal and state law, Board of Regents policy, and Institute policy, Georgia Tech provides equal opportunity to all faculty, staff, students, and all other members of the Georgia Tech community, including applicants for admission and/or employment, contractors, volunteers, and participants in institutional programs, activities, or services. Georgia Tech complies with all applicable laws and regulations governing equal opportunity in the workplace and in educational activities.

Equal opportunity and decisions based on merit are fundamental values of the University System of Georgia (“USG”) and Georgia Tech. Georgia Tech prohibits discrimination, including discriminatory harassment, on the basis of an individual’s race, ethnicity, ancestry, color, religion, sex (including pregnancy), national origin, age, disability, genetics, or veteran status in its programs, activities, employment, and admissions. Further, Georgia Tech prohibits citizenship status, immigration status, and national origin discrimination in hiring, firing, and recruitment, except where such restrictions are required in order to comply with law, regulation, executive order, or Attorney General directive, or where they are required by Federal, State, or local government contract.

USG Core Values Statement

The University System of Georgia is comprised of our 26 institutions of higher education and learning as well as the System Office. Our USG Statement of Core Values are Integrity, Excellence, Accountability, and Respect. These values serve as the foundation for all that we do as an organization, and each USG community member is responsible for demonstrating and upholding these standards. More details on the USG Statement of Core Values and Code of Conduct are available in USG Board Policy 8.2.18.1.2 and can be found on-line at https://www.usg.edu/policymanual/section8/C224/#p8.2.18_personnel_conduct.

Additionally, USG supports Freedom of Expression as stated in Board Policy 6.5 Freedom of Expression and Academic Freedom found on-line at https://www.usg.edu/policymanual/section6/C2653.

 
