The Pittsburgh Supercomputing Center (PSC) a joint research center of Carnegie Mellon University and the University of Pittsburgh, was established in 1986, and for over 30 years has provided university, government, and industrial researchers with access to several of the most powerful systems for sophisticated computational research, communications, and data storage available to scientists, engineers and scholars nationwide for unclassified research. PSC advances science across a wide spectrum of fields, including artificial intelligence/machine learning, medical imaging, weather modeling, cell biology, and genomics.
Carnegie Mellon University’s department of PSC is searching for a Principal Information Security Officer (PISO) to join their team. This is an exciting opportunity for someone who thrives in an interesting and challenging work environment. Your contribution to the department will be to assign, direct, review and supervise a team of IT professionals that provide information security engineering and operations support for specific research applications based on both theoretical and practical knowledge to help scientists accomplish discovery on modern high-performance computing platforms. Must ensure leadership is aware and accountable for IT security policy and compliance within the PSC and ensures that research projects and services provided externally comply with PSC’s cybersecurity program. You will also assure that appropriate engineering protocols are executed to discover, examine, test and mitigate new and potential threats. As well as manage the monitoring and response to security incidents and oversee strategic direction for overall group activities and goals.
Responsibilities are determined by active project needs. Some examples are as follows:
Pittsburgh Supercomputing Center (PSC) provides a high performance computing and communications service in support of the nation’s computational science work. PSC is a member of ACCESS, a national computer collaboration of 15 partners from across the U.S. that provides high performance computing, networking, data, scientific visualization and instrument services to the nation’s scientists. The overall responsibility of the Principal Information Security Officer (PISO) is to lead teams of PSC staff members, particularly from the Networking and Systems & Operations groups, in order to develop and implement plans for integrated network-, host- and human-based information security practices and procedures for PSC. The PISO keeps PSC management informed regarding current, continuing and emerging security risks to PSC and the broader academic community. The PISO will also serve as a key member of Trusted CI, the NSF Cybersecurity Center of Excellence. The mission of Trusted CI is to lead in the development of an NSF Cybersecurity Ecosystem with the workforce, knowledge, processes, and cyberinfrastructure that enables trustworthy science and NSF’s vision of a nation that is a global leader in research and innovation. Within PSC, the PISO will work with other staff members to assess PSC’s computer security risks and to choose appropriate security measures, prepares plans for implementing the measures and leads implementation, monitors performance of the measures and adjusts them accordingly, and leads response to security incidents. Within Trusted CI, the PISO performs potentially similar duties as prescribed by Trusted CI’s leadership, with particular attention to cybersecurity interoperability.
Skills and experience:
- Leads teams of cybersecurity experts from PSC.
- Actively participates in Trusted CI engagements and initiatives, assists with center operations and leads projects with other Trusted CI staff.
- Oversees information security of leading edge computing and communications equipment. that is in round-the-clock use by the national research community. PSC’s Equipment is valued at roughly $60 million.
- Coordinate security in PSC: Conduct periodic assessments of PSC’s cybersecurity program. With input from members of a team and/or leadership, enhance PSC’s cybersecurity program.
- Stay current with new security threats, technological advances and regulatory requirements.
- Explore applicable cybersecurity improvement strategies and tactics.
- Lead team that carries out the implementation plans. Coordinate periodic audits of
- compliance of PSC practices and procedures to requirements, regulations and standards.
- Lead PSC incident response, including protection and custody of evidence. Interact with law enforcement or organizations as necessary.
- Oversee development, maintenance and dissemination of PSC’s documentation on center information security policies and procedures.
- Participate in local and national computer security incident response groups.
- Develop and promote cybersecurity awareness among staff and users.
- Oversee security training for staff and users.
- Regularly report to PSC management on information security posture.
- Perform associated high-performance computing and communications information security administration duties as needed.
- Acts as team leader. Determines own and team’s priorities based on overall goals, and may deviate from established procedures and practices as long as end results meet performance objectives and established goals.
- Gives advice and counsel to PSC, Trusted CI and ACCESS higher management which significantly influence decisions.
- Performs under minimal supervision. All normal duties and responsibilities are handled independently. Only the most difficult or unique situations are referred to higher management levels.
- Assesses the severity of an information security or system problem independently and makes a problem determination quickly.
- Regular status reports and attendance at various meetings is required.
Flexibility, excellence, and passion are vital qualities within PSC. Inclusion, collaboration and cultural sensitivity are valued competencies at CMU. Therefore, we are in search of a team member who is able to effectively interact with a varied population of internal and external partners at a high level of integrity. We are looking for someone who shares our values and who will support the mission of the university through their work.
Qualifications
- Minimum Bachelor’s Degree in Computer Science or a related field. A graduate degree in cybersecurity or related field, or certification such as CISSP, CISM, CISA, or CRISC is preferred.
- Minimum requirements include knowledge and skills developed through 7+ years of work experience in a related job discipline.
- Broad understanding of current computer, data and networking information security practices in a high performance computing and communications environment; demonstrated ability to apply that knowledge to develop and implement a practical, effective security program
- Excellent analytical, technical, reasoning and innovative problem-solving skills.
- Ability to lead teams and to function competently in a team environment.
- Ability to interact and communicate effectively and courteously with members of PSC, the broader university community, partner sites in ACCESS, and Trusted CI and the NSF Cyberinfrastructure community.
Requirements:
- Successful background check
Additional Information:
- Sponsorship: Applicants for this position must be currently legally authorized to work for CMU in the United States. CMU will not sponsor or take over sponsorship of an employment visa for this opportunity.
- Work Posture: This position is operating on a hybrid schedule, with an on-campus/in office presence 3 days a week.
- This is a full–time (37.5 hours/week), exempt position
- Funding: This is a grant-funded position.
Are you interested in this exciting opportunity? Please apply