Cybersercurity R&D Systems Architect - GTRI - CIPHER

The Georgia Tech Research Institute (GTRI) is the nonprofit, applied research division of the Georgia Institute of Technology (Georgia Tech).Founded in 1934 as the Engineering Experiment Station, GTRI has grown to more than 2,900 employees, supporting eight laboratories in over 20 locations around the country and performing more than $940 million of problem-solving research annually for government and industry.GTRI's renowned researchers combine science, engineering, economics, policy, and technical expertise to solve complex problems for the U.S. federal government, state, and industry.

Georgia Tech's mission is to develop leaders who advance technology and improve the human condition. The Institute has nine key values that are foundational to everything we do:

1. Students are our top priority.
2. We strive for excellence.
3. We thrive on diversity.
4. We celebrate collaboration.
5. We champion innovation.
6. We safeguard freedom of inquiry and expression.
7. We nurture the wellbeing of our community.
8. We act ethically.
9. We are responsible stewards.

Over the next decade, Georgia Tech will become an example of inclusive innovation, a leading technological research university of unmatched scale, relentlessly committed to serving the public good; breaking new ground in addressing the biggest local, national, and global challenges and opportunities of our time; making technology broadly accessible; and developing exceptional, principled leaders from all backgrounds ready to produce novel ideas and create solutions with real human impact.

The GTRI CIPHER Lab's Secure Information Systems (SIS) Division is currently seeking a Cybersecurity R&D Systems Architect. The division concentrates on the design and development of secure real-world, multi-compartment, multi-level information sharing applications. Hardware and software design methodologies are combined to deliver information exchange solutions that pass the rigorous testing required to operate on the nation's most secure networks. SIS solutions are nationally recognized within the government as state-of-the-art, affordable, secure, and scalable.

The Cybersecurity Research and Development Systems Architect designs and develops new systems, applications, and solutions for external sponsors' enterprise-wide cyber systems and networks. The Cybersecurity R&D Systems Architect is responsible for driving adoption, identifying and defining new security objectives and controls and helping with the organization's automated security validation development. This researcher also performs vulnerability analysis and exploitation of applications, operating systems and/or networks. The Cybersecurity R&D Systems Architect designs and implements Identity, Credential, and Access Management (ICAM) security solutions, and applies those ICAM solutions to advanced problem domains such as federation and trusted information sharing within select target communities of sponsors and project stakeholders. The Architect ensures system security needs are established and maintained for operations development, security requirements definition, security risk assessment, systems analysis, systems design, security test and evaluation, certification and accreditation, systems hardening, vulnerability testing and scanning, incident response, disaster recovery, and business continuity planning. The Cybersecurity R&D Systems Architect also provides analytical support for security policy development and analysis, integrates new architectural features into existing infrastructures, designs cyber security architectural artifacts, provides architectural analysis of cyber security features and relates existing systems to future needs and trends. In addition, the Architect embeds advanced forensic tools and techniques for attack reconstruction, provides engineering recommendations, and resolves integration and testing issues. The Cybersecurity R&D Systems Architect serves in a consultative role, defining controls for different platforms, including definition of protection rule sets, and threat mitigations for potential threats. The Cybersecurity R&D Systems Architect also interacts, advises, and counsels on a regular basis with internal staff as well as project sponsors and other stakeholders from the communities in which these solutions are implemented.

Direct sponsor engagement and facilitate product or system requirements gathering and analysis

Verify cybersecurity engineering product life-cycle including definition, requirements analysis, synthesis, cyber engineering analysis and implementation

Conduct product or system design synthesis translating requirements into physical cyber architectures for systems of moderate complexity

Contribute to technical reports and diagrams detailing product or system attributes

Analyze network security systems and/or information systems and safeguard networks against unauthorized modification, destruction, or disclosure

Ensure Configuration Management (CM) of all associated software, hardware, and security relevant functions

• Manage sponsor accreditation packages, utilizing Risk Management Framework to successfully obtain different Authority to Operate (ATOs).
• Interact with third party test teams to coordinate and execute government sponsored test events.
• Lead test events and document results for auditors

• Familiarity with Cross Domain Solutions and NCDSMO requirements to build and test CDS
• Experience using Enterprise Mission Assurance Support Service (eMASS)
• At least 2 years experience with RMF
• Familiarity with RMF paperwork and experience with security controls
• Experience with POA&M reports and interfacing with DoD accreditation agencies
• Ability to obtain and maintain an active Secret clearance

• Active Secret Clearance
• Experience with government accreditation processes and teams
• Experience with accrediting DoD Information systems
• Familiarity with NIST 800-171, NIST 800-53, and AFI17-101
• Experience selecting, documenting, and integrating a NCDSMO authorized Cross Domain Solution into an accreditation baseline
• Experience acting as an ISSO or ISSM
• Ability to work in a fast paced environment with research faculty across time zones

10% - 25% travel

25% - 50% travel

>50% travel

This position vacancy is an open-rank announcement. The final job offer will be dependent on candidate qualifications in alignment with Research Faculty Extension Professional ranks as outlined in section 3.2.1 of the Georgia Tech Faculty Handbook

• 5 years of related experience with a Bachelor's degree in Computer Science, Computer Engineering, Information Security, Cybersecurity or related field.
• 3 years of related experience with a Masters' degree in Computer Science, Computer Engineering, Information Security, Cybersecurity or related field.
• 0 years of related experience with a Ph.D. in Computer Science, Computer Engineering, Information Security, Cybersecurity or related field.

Due to our research contracts with the U.S. federal government, candidates for this position must be U.S. Citizens.

Candidates must be able to obtain and maintain an active security clearance.

Comprehensive information on currently offered GTRI benefits, including Health & Welfare, Retirement Plans, Tuition Reimbursement, Time Off, and Professional Development, can be found through this link: https://benefits.hr.gatech.edu/.

The Georgia Institute of Technology (Georgia Tech) is an Equal Employment Opportunity Employer. The Institute is committed to maintaining a fair and respectful environment for all. To that end, and in accordance with federal and state law, Board of Regents policy, and Institute policy, Georgia Tech provides equal opportunity to all faculty, staff, students, and all other members of the Georgia Tech community, including applicants for admission and/or employment, contractors, volunteers, and participants in institutional programs, activities, or services. Georgia Tech complies with all applicable laws and regulations governing equal opportunity in the workplace and in educational activities.

Equal opportunity and decisions based on merit are fundamental values of the University System of Georgia ("USG") and Georgia Tech. Georgia Tech prohibits discrimination, including discriminatory harassment, on the basis of an individual's race, ethnicity, ancestry, color, religion, sex (including pregnancy), national origin, age, disability, genetics, or veteran status in its programs, activities, employment, and admissions. Further, Georgia Tech prohibits citizenship status, immigration status, and national origin discrimination in hiring, firing, and recruitment, except where such restrictions are required in order to comply with law, regulation, executive order, or Attorney General directive, or where they are required by Federal, State, or local government contract.

The University System of Georgia is comprised of our 26 institutions of higher education and learning as well as the System Office. Our USG Statement of Core Values are Integrity, Excellence, Accountability, and Respect. These values serve as the foundation for all that we do as an organization, and each USG community member is responsible for demonstrating and upholding these standards. More details on the USG Statement of Core Values and Code of Conduct are available in USG Board Policy 8.2.18.1.2 and can be found on-line at https://www.usg.edu/policymanual/section8/C224/#p8.2.18_personnel_conduct.

Additionally, USG supports Freedom of Expression as stated in Board Policy 6.5 Freedom of Expression and Academic Freedom found on-line at https://www.usg.edu/policymanual/section6/C2653.