Montana State University
Controlled Unclassified Information, Information Systems Security Manager
Montana State University, Virginia, Minnesota, United States, 55792
Overview
Controlled Unclassified Information, Information Systems Security Manager For questions regarding this position, please contact: Working Title Controlled Unclassified Information, Information Systems Security Manager Responsibilities
The CUI Information Systems Security Manager (ISSM) will be responsible for the management and oversight of all CUI IT capabilities for Research, including planning, programming, and developing compliant IT capabilities for MSU stakeholders and contractors providing services, to ensure compliance with evolving Research and CUI protection requirements. The ISSM reports to the Chief Information Security Officer (CISO) in University Information Technology, supporting work across all MSU Research units under Research and Economic Development. Duties and Responsibilities include, but are not limited to: Provide expertise and coordinate the development of University Research information security technical standards, guidelines, and procedures, based on a recognized framework of best practices and in support of MSU policies and regulations, such as CMMC, NIST 800-171, and NIST 800-53. Contribute CUI cybersecurity knowledge to assist with risk analysis, risk management activities, and security and compliance reviews. Prepare and maintain system security plans (SSPs) and plans of action and milestones (POA&M) for various CUI IT capabilities supporting research projects. In conjunction with the MSU Research Security Program, review research proposals with CUI elements and requirements, and develop contract-specific CUI IT capabilities as required. Develop and implement the management of compliant CUI IT systems to manage processes around user onboarding, offboarding, and maintaining appropriate permissions for access to CUI IT resources, in coordination with the Office of Research Security and UIT’s Research CIO and team. Develop processes for oversight and management of all CUI endpoints including inventory management, patching, auditing, inspecting, upgrading, troubleshooting and supporting necessary requirements for any endpoint accessing CUI information systems or processing CUI for research contracts. Develop and maintain processes to manage user access and configuration for IT information systems and servers and manage CUI IT user accounts, ensuring users with access are properly trained and using the resource in accordance with Technology Control Plans. Develop or review Technology Control Plans and other required CUI documents in coordination with the MSU Research Security Program pertaining to IT as needed. Develop streamlined processes involving stakeholders to expedite training, access, oversight, and support for internal and external customers. Conduct site visits, inspections and audits at locations where MSU works with CUI to ensure IT security practices, procedures, policies, and guidance are followed. Utilize the Supplier Performance Risk System (SPRS) and other government or third-party systems of record to develop and provide reports and perform actions to achieve or maintain compliance standards. Remain current on Federal Government standards, policies, regulations and laws pertaining to CUI IT management and security control requirements. Secure industry-standard Information Assurance certifications as required by management. Perform supervisory functions with Research IT employees in various departments across MSU. Oversee and direct deployment of CUI policies, guidance and procedures, and work with centers, institutes, and departments to ensure consistent implementation of Research CIO guidance for CUI within Research contracts. Qualifications
Required Qualifications – Experience, Education, Knowledge & Skills Demonstrated progressively responsible experience working with IT-focused management of information security programs. Demonstrated experience working with Controlled Unclassified Information (CUI) pursuant to 32 CFR 2002. Demonstrated knowledge and experience with security and regulatory compliance standards such as CMMC, NIST SP 800-171, and NIST SP 800-53. Demonstrated experience communicating technical information effectively in writing and verbally. Bachelor’s Degree in Information Systems, Computer Science, Computer Engineering or related, or an equivalent combination of education and experience. Preferred Qualifications
Master’s Degree in Information Technology or related discipline. Experience with US government security policies, regulations, and procedures, including implementation and management of compliance processes. Experience in University Research environments with federal information protection requirements. Familiarity with FAR/DFARS/ISOO/DCSA concepts. Ability to obtain industry-standard Information Assurance certifications such as CISM, CISSP, CISA within 6 months if not already held. Current or prior US government security clearance. The Successful Candidate Will
Provide proactive leadership and subject matter expertise to identify federal processes for CUI requirements supporting Controlled Research. Be results-focused, capable of operating autonomously in a complex, fast-paced environment. Demonstrate excellent written and public speaking skills to develop and deliver CUI content for stakeholders. Handle sensitive information appropriately, including during high-stress incidents. Collaborate with law enforcement, technical staff, and executive personnel at the university and within the Federal Government. Continuously improve programs to enhance information security, expedite support, reduce costs, and streamline CUI program processes. Position Special Requirements/Additional Information
This position is contingent upon continuation of funding. Remote or Hybrid work schedule may be considered. The successful candidate must comply with export control requirements and may need to obtain a Security Clearance or meet other government-defined restrictions. Favorable background checks are required by state and federal agencies. This job description is not exhaustive and MSU reserves the right to reassign duties. Physical Demands
To perform this job successfully, the individual must be able to perform each essential duty with or without reasonable accommodations. The requirements listed are representative of the knowledge, skill, and/or ability required. Supervisory Duties
This position has supervisory duties? Yes Administrative Details
Number of Vacancies: 1 Desired Start Date: Upon completion of a successful search Open Date / Close Date: Open until filled Applications will be screened starting October 27, 2025, and continue to be accepted until an adequate applicant pool is established. Special Instructions & EEO
EEO Statement: Montana State University is an equal opportunity employer. MSU does not discriminate on the basis of race, color, religion, creed, political ideas, sex, sexual orientation, gender identity or expression, age, marital status, national origin, disability, or other protected status. Veterans’ preference is provided as appropriate. Required Documents: Resume; Cover Letter. Optional Documents may be requested. Supplemental Questions
Required fields are indicated with an asterisk (*).
#J-18808-Ljbffr
Controlled Unclassified Information, Information Systems Security Manager For questions regarding this position, please contact: Working Title Controlled Unclassified Information, Information Systems Security Manager Responsibilities
The CUI Information Systems Security Manager (ISSM) will be responsible for the management and oversight of all CUI IT capabilities for Research, including planning, programming, and developing compliant IT capabilities for MSU stakeholders and contractors providing services, to ensure compliance with evolving Research and CUI protection requirements. The ISSM reports to the Chief Information Security Officer (CISO) in University Information Technology, supporting work across all MSU Research units under Research and Economic Development. Duties and Responsibilities include, but are not limited to: Provide expertise and coordinate the development of University Research information security technical standards, guidelines, and procedures, based on a recognized framework of best practices and in support of MSU policies and regulations, such as CMMC, NIST 800-171, and NIST 800-53. Contribute CUI cybersecurity knowledge to assist with risk analysis, risk management activities, and security and compliance reviews. Prepare and maintain system security plans (SSPs) and plans of action and milestones (POA&M) for various CUI IT capabilities supporting research projects. In conjunction with the MSU Research Security Program, review research proposals with CUI elements and requirements, and develop contract-specific CUI IT capabilities as required. Develop and implement the management of compliant CUI IT systems to manage processes around user onboarding, offboarding, and maintaining appropriate permissions for access to CUI IT resources, in coordination with the Office of Research Security and UIT’s Research CIO and team. Develop processes for oversight and management of all CUI endpoints including inventory management, patching, auditing, inspecting, upgrading, troubleshooting and supporting necessary requirements for any endpoint accessing CUI information systems or processing CUI for research contracts. Develop and maintain processes to manage user access and configuration for IT information systems and servers and manage CUI IT user accounts, ensuring users with access are properly trained and using the resource in accordance with Technology Control Plans. Develop or review Technology Control Plans and other required CUI documents in coordination with the MSU Research Security Program pertaining to IT as needed. Develop streamlined processes involving stakeholders to expedite training, access, oversight, and support for internal and external customers. Conduct site visits, inspections and audits at locations where MSU works with CUI to ensure IT security practices, procedures, policies, and guidance are followed. Utilize the Supplier Performance Risk System (SPRS) and other government or third-party systems of record to develop and provide reports and perform actions to achieve or maintain compliance standards. Remain current on Federal Government standards, policies, regulations and laws pertaining to CUI IT management and security control requirements. Secure industry-standard Information Assurance certifications as required by management. Perform supervisory functions with Research IT employees in various departments across MSU. Oversee and direct deployment of CUI policies, guidance and procedures, and work with centers, institutes, and departments to ensure consistent implementation of Research CIO guidance for CUI within Research contracts. Qualifications
Required Qualifications – Experience, Education, Knowledge & Skills Demonstrated progressively responsible experience working with IT-focused management of information security programs. Demonstrated experience working with Controlled Unclassified Information (CUI) pursuant to 32 CFR 2002. Demonstrated knowledge and experience with security and regulatory compliance standards such as CMMC, NIST SP 800-171, and NIST SP 800-53. Demonstrated experience communicating technical information effectively in writing and verbally. Bachelor’s Degree in Information Systems, Computer Science, Computer Engineering or related, or an equivalent combination of education and experience. Preferred Qualifications
Master’s Degree in Information Technology or related discipline. Experience with US government security policies, regulations, and procedures, including implementation and management of compliance processes. Experience in University Research environments with federal information protection requirements. Familiarity with FAR/DFARS/ISOO/DCSA concepts. Ability to obtain industry-standard Information Assurance certifications such as CISM, CISSP, CISA within 6 months if not already held. Current or prior US government security clearance. The Successful Candidate Will
Provide proactive leadership and subject matter expertise to identify federal processes for CUI requirements supporting Controlled Research. Be results-focused, capable of operating autonomously in a complex, fast-paced environment. Demonstrate excellent written and public speaking skills to develop and deliver CUI content for stakeholders. Handle sensitive information appropriately, including during high-stress incidents. Collaborate with law enforcement, technical staff, and executive personnel at the university and within the Federal Government. Continuously improve programs to enhance information security, expedite support, reduce costs, and streamline CUI program processes. Position Special Requirements/Additional Information
This position is contingent upon continuation of funding. Remote or Hybrid work schedule may be considered. The successful candidate must comply with export control requirements and may need to obtain a Security Clearance or meet other government-defined restrictions. Favorable background checks are required by state and federal agencies. This job description is not exhaustive and MSU reserves the right to reassign duties. Physical Demands
To perform this job successfully, the individual must be able to perform each essential duty with or without reasonable accommodations. The requirements listed are representative of the knowledge, skill, and/or ability required. Supervisory Duties
This position has supervisory duties? Yes Administrative Details
Number of Vacancies: 1 Desired Start Date: Upon completion of a successful search Open Date / Close Date: Open until filled Applications will be screened starting October 27, 2025, and continue to be accepted until an adequate applicant pool is established. Special Instructions & EEO
EEO Statement: Montana State University is an equal opportunity employer. MSU does not discriminate on the basis of race, color, religion, creed, political ideas, sex, sexual orientation, gender identity or expression, age, marital status, national origin, disability, or other protected status. Veterans’ preference is provided as appropriate. Required Documents: Resume; Cover Letter. Optional Documents may be requested. Supplemental Questions
Required fields are indicated with an asterisk (*).
#J-18808-Ljbffr