The Georgia Tech Research Institute (GTRI) is the nonprofit, applied research division of the Georgia Institute of Technology (Georgia Tech).Founded in 1934 as the Engineering Experiment Station, GTRI has grown to more than 2,900 employees, supporting eight laboratories in over 20 locations around the country and performing more than $940 million of problem-solving research annually for government and industry.GTRI's renowned researchers combine science, engineering, economics, policy, and technical expertise to solve complex problems for the U.S. federal government, state, and industry.

Georgia Tech's mission is to develop leaders who advance technology and improve the human condition. The Institute has nine key values that are foundational to everything we do:

1. Students are our top priority.
2. We strive for excellence.
3. We thrive on diversity.
4. We celebrate collaboration.
5. We champion innovation.
6. We safeguard freedom of inquiry and expression.
7. We nurture the wellbeing of our community.
8. We act ethically.
9. We are responsible stewards.

Over the next decade, Georgia Tech will become an example of inclusive innovation, a leading technological research university of unmatched scale, relentlessly committed to serving the public good; breaking new ground in addressing the biggest local, national, and global challenges and opportunities of our time; making technology broadly accessible; and developing exceptional, principled leaders from all backgrounds ready to produce novel ideas and create solutions with real human impact.

Cyber Security (CS) is responsible for maintaining the overall security posture of classified systems at GTRI. CS partners with government agencies to provide support for system accreditation and authorization to process classified information in both Collateral and Special (Special Access Programs (SAP) and Sensitive Compartment Information (SCI)) programs. In addition, CS handles Communication Security (COMSEC) to ensure information is transmitted in a secure manner and in compliance with government regulations

ISSO is a contractually recognized role described in the National Industrial Security Program Operating Manual. Advise researchers and Information Technology (IT) staff on Accredited Information System (AIS) to support Government contractual research and delivery. Responsible for maintaining operational security posture for systems by enforcing established security policies, procedures, and standards. Verify the implementation of delegated aspects of the GTRI Information Security Program from the Information Systems Security Manager (ISSM) and security measures, in accordance with Cognizant Security Agencies (CSA) and GTRI procedures. Conduct self-inspections and provide corrective actions to the ISSM. Perform continuous monitoring activities including system security audits and vulnerability scanning and remediation. Develop and maintain documentations supporting AIS and periodically conduct of a review of each system's audits and monitor corrective actions until all actions are closed. Conduct research on system vulnerabilities and information security practices to protect AIS as well as research government rules and regulations to ensure compliance for GTRI systems supporting Government contracts.

• Train new ISSOs on their job duties and understanding of various government standards.
• Manage system security requirements for assigned GTRI's accredited information systems and assure continuous system compliance.
• Manage the day-to-day security operations of systems, associated media, and networks.
• Responsible for maintaining operational security posture for systems by enforcing established security policies, procedures, and standards.
• Develop and maintain documentations including, but not limited to: Systems Security Plans (SSPs), Risk Assessment Reports, Plan of Actions & Milestones (POA&M), and Enterprise Mission Assurance Support Service (eMASS) or Xacta artifacts
• Work with Government security cognizant agencies to identify and manage security findings, risks and mitigations in Plan of Action and Milestones (POA&M)
• Educate end-users by providing formal training and support day-to-day operations as the cybersecurity Subject Matter Expert (SME)
• Perform continuous monitoring activities including system security audits and vulnerability scanning and remediation. Periodically conduct of a review of each system's audits and monitor corrective actions until all actions are closed.
• Ensure Configuration Management (CM) of all associated software, hardware, and security relevant functions
• Identify security deficiencies/discrepancies, research and recommend security solutions to the Information Systems Security Manager (ISSM).
• Perform extensive analyses to validate established security requirements and to recommends additional security requirements and safeguards.
• Lead incident response process to include document and report to appropriate authority
• Have proficiency across several technical domains and experience with National Industrial Security Program Operating Manual (NISPOM), DCSA Assessment and Authorization Process Manual (DAAPM), Joint Special Access Program (SAP) Implementation Guide (JSIG), Intelligence Community Directives (lCD), National Institute of Standards and Technology (NIST) 800, and Risk Management Framework (RMF).
• Assist in the implementation of the required government policy and make recommendations on process tailoring.
• Research policies and regulations, interact with various agencies and levels of management, and contribute to establishing and maintaining accredited information systems
• Research system vulnerabilities and threats to stay on top of the continuous threat against accredited systems
• Prepare for and participate in self-inspection and Government security vulnerability assessments.

• Bachelor's degree in Computer Engineering, Electrical Engineering, Computer Science, Information Assurance, Information Security, Cyber Security or related fields.
• Must possess or be able to obtain CISSP, Security+ and/or other applicable certifications within six months of hire in compliance with
  DoD Directive 8140/8570, IAM Level II/III baseline certification requirements.
• Must be eligible for Sensitive Compartmented Information (SCI) and Special Access Programs (SAP) access.
• Have experience with RMF, NIST 800, NISPOM, DAAPM or JSIG
• Ability to obtain and maintain DoD TS/SCI Security Clearance

• Active TS/SCI Clearance
• IAM Level III compliance with CISSP
• Excellent written and verbal communications skills at all levels of the organization
• Experience in an environment and culture steeped in teamwork and collaboration working on challenging technical projects
• Experience working with Service Now (SNOW)/eMASS

<10% travel

This position vacancy is an open-rank announcement. The final job offer will be dependent on candidate qualifications in alignment with Research Faculty Extension Professional ranks as outlined in section of the Georgia Tech Faculty Handbook

• 5 years of related experience with a Bachelor's degree in Computer Engineering, Electrical Engineering, Computer Science, Information Assurance, Information Security, Cyber Security or related fields
• 3 years of related experience with a Masters' degree in Computer Engineering, Electrical Engineering, Computer Science, Information Assurance, Information Security, Cyber Security or related fields
• 0 years of related experience with a Ph.D. in Computer Engineering, Electrical Engineering, Computer Science, Information Assurance, Information Security, Cyber Security or related fields

Due to our research contracts with the U.S. federal government, candidates for this position must be U.S. Citizens.

Candidates must be able to obtain and maintain an active security clearance.

Comprehensive information on currently offered GTRI benefits, including Health & Welfare, Retirement Plans, Tuition Reimbursement, Time Off, and Professional Development, can be found through this link:

The Georgia Institute of Technology (Georgia Tech) is an Equal Employment Opportunity Employer. The University is committed to maintaining a fair and respectful environment for all. To that end, and in accordance with federal and state law, Board of Regents policy, and University policy, Georgia Tech provides equal opportunity to all faculty, staff, students, and all other members of the Georgia Tech community, including applicants for admission and/or employment, contractors, volunteers, and participants in institutional programs, activities, or services. Georgia Tech complies with all applicable laws and regulations governing equal opportunity in the workplace and in educational activities.

Georgia Tech prohibits discrimination, including discriminatory harassment, on the basis of race, ethnicity, ancestry, color, religion, sex (including pregnancy), sexual orientation, gender identity, gender expression, national origin, age, disability, genetics, or veteran status in its programs, activities, employment, and admissions. This prohibition applies to faculty, staff, students, and all other members of the Georgia Tech community, including affiliates, invitees, and guests. Further, Georgia Tech prohibits citizenship status, immigration status, and national origin discrimination in hiring, firing, and recruitment, except where such restrictions are required in order to comply with law, regulation, executive order, or Attorney General directive, or where they are required by Federal, State, or local government contract.

USG Core Values Statement

The University System of Georgia is comprised of our 26 institutions of higher education and learning as well as the System Office. Our USG Statement of Core Values are Integrity, Excellence, Accountability, and Respect. These values serve as the foundation for all that we do as an organization, and each USG community member is responsible for demonstrating and upholding these standards. More details on the USG Statement of Core Values and Code of Conduct are available in USG Board Policy 8.2.18.1.2 and can be found on-line at

Additionally, USG supports Freedom of Expression as stated in Board Policy 6.5 Freedom of Expression and Academic Freedom found on-line at