Johns Hopkins Applied Physics Laboratory

Role Description Are you an expert in the NISPOM (32 CFR 117)? Do you have experience working with DCSA? If so, we're looking for someone like you to join our team at APL. We are seeking an Industrial Security Specialist to help us conduct self-inspections, administrative inquiries (AIs), review prime DD254s and create subcontract DD254s, develop and maintain security policies and procedures. The Security Office Group (SECD/ZSO) aims to provide superior security administration services to JHU/APL, while executing the requirements, restrictions, and safeguards prescribed by the NISPOM to safeguard classified information. As an Industrial Security Specialist, you will: - Primarily provide security oversight and conduct internal audits and surveys to ensure NISPOM security policies and procedures are properly implemented and adhered to. - Analyze classified documents to ensure proper marking of program security classification guides, and develop staff security awareness training. - Prepare inspection schedules, reports; Present findings to SECD management. - Develop comprehensive and complete reports for dissemination to Sectors/Departments and others. - Conduct interviews of personnel. - Reinforce counterintelligence (CI) awareness, including foreign intelligence threats, suspicious contacts, and reporting requirements. - Maintain knowledge of contracting procedures and related documents. - Conduct administrative inquiries of security violations to include loss and compromise of classified information/material, and coordinate initial and final reports; Coordination with the Insider Threat Program Senior Official (ITPSO) / insider threat team, when applicable. - Assist in the determination of culpability; Develop Administrative Inquiries for submission to DCSA. Track inquiries and develop reports for management. - Assist in the development and maintenance of security policies and procedures. - Review prime DD254s and relay any security requirements that are above our normal NISPOM requirements to the Program Manager/Project Manager. - Work with Program Manager/Project Managers on the creation of subcontract DD254s. - Communicate and collaborate with internal partners such as the Designated Security Representatives, ISSM teams, physical security group and program security group. - Provide timely and accurate responses to security-related questions from the workforce, offering clear guidance on NISPOM requirements, classification, reporting obligations, and day-to-day security procedures. - Support the Facility Security Officer (FSO) in meeting established security program goals, metrics, and key performance indicators (KPIs). Qualifications - Have a Bachelor's degree and at least two years of relevant experience in the industrial security field, OR have at least four years of relevant security-related experience in lieu of a degree. - Have a strong working knowledge of the National Industrial Security Program Operating Manual (NISPOM) (32 CFR 117). - Have a demonstrated ability to effectively interact and work with laboratory staff at all levels. - Are able to communicate effectively, both orally and in writing, with internal and external customers. - Are a committed team player with excellent interpersonal skills and a demonstrated ability to multitask, prioritize, and deliver high‑quality products and services. - Can complete the Center for Development of Security Excellence (CDSE) curricula for Facility (FSO) Orientation for Possessing Facilities (ISO30.CU) and adverse information training within 12 months of hire. - Hold an active Secret level security clearance and can ultimately obtain a Top Secret level clearance. If selected, you will be subject to a government security clearance investigation and must meet the requirements for access to classified information. Eligibility requirements include U.S. citizenship. Requirements - Have NISPOM assessment/inspection team experience. - Have experience developing and implementing security‑related training programs. - Are a NCMS Industrial Security Professional (ISP) certification and/or DCSA Security Fundamentals Professional (SFPC) certification. - Have previous FSO/AFSO experience. - Are proficient with SIMS, NISS, DISS and OPSLink. Benefits - Generous benefits, including a robust education assistance program. - Unparalleled retirement contributions. - Healthy work/life balance. - Comprehensive benefits package including retirement plans, paid time off, medical, dental, vision, life insurance, short-term disability, long-term disability, flexible spending accounts, education assistance, and training and development.

Role Description Are you passionate about being on a team of highly skilled, motivated and dedicated professionals charged with protecting sensitive data while supporting the JHU/APL mission? Do you want to integrate cybersecurity and compliance within our enterprise, sector and department networks? Are you passionate about protecting our Nations sensitive information? If so, we’re looking for someone like you to join our team at APL. We are seeking an Assistant Group Supervisor (AGS) in Information Security Assurance (ISA) to partner with the Group Supervisor in leading a high performing organization of cybersecurity professionals. This role operates within a shared leadership model, where the AGS and Group Supervisor share responsibilities across the two primary pillars of the group; threat detection and compliance, ensuring seamless leadership coverage across both domains. This AGS role will focus primarily on the compliance pillar. As the ISA Assistant Group Supervisor, you will serve as a strategic and operational leader responsible for: - Shared Leadership Model - Partner closely with the Group Supervisor to align strategy, priorities, and execution across the ISA Group - Share responsibility for overall group performance, section leadership, and staff engagement - Provide full leadership coverage in the absence of the Group Supervisor and across all ISA functions as needed - Ensure seamless integration and coordination between all sections and responsibility pillars - Operations Leadership - Lead the maturation of ISA’s cybersecurity risk management and compliance program - Provide strategic oversight of the Laboratory's compliance posture with government regulations with a primary focus on CMMC and NIST SP 800-171 requirements - Collaborate with business areas and technical staff to support compliance assessments and serve as a key liaison with Certified Third-Party Assessment Organizations (C3PAOs) - Drive a risk-based, "how do we get to yes" approach that balances compliance requirements, operational needs, and practical risk management - Establish and maintain processes for risk identification, assessment, acceptance, and mitigation - Provide oversight for security assessments, audits, and continuous monitoring activities - Lead the Laboratory's CMMC assessment program, including oversight of C3PAO relationships and preparation for annual affirmations of compliance across the organization - Provide guidance on cybersecurity requirements contained in RFIs, RFPs, and contracts to ensure compliance obligations are clearly understood and appropriately addressed - Lead the buildout of posture monitoring, configuration management, and cloud compliance capabilities across ISA sections - Ensure continuous monitoring principles are operationalized and aligned with both compliance requirements and the broader threat detection and response - Lead the hiring and development of section leadership and staff as the sections mature - Organizational Leadership - Ensure Section Supervisors are effectively managing staff performance, development, and accountability within their respective security functions - Identify and develop high-potential staff and build leadership bench strength across the broader ISA Group - Ensure staff are provided meaningful opportunities for growth aligned with organizational needs - Provide expert guidance on complex risk decisions, including exception handling and compensating controls - Partner with threat detection and incident response leadership to maintain feedback loops between detection findings and control improvements - Leverage data and analytics to identify systemic risks, control gaps, and trends across the security program - Provide executive management awareness of the ongoing state of compliance across the enterprise Qualifications - Have a Bachelor's degree in Cybersecurity, Computer Science, Information Systems, a related field, or requisite experience - Have at least 7 years of experience in cybersecurity, with significant experience in governance, risk, and compliance - Have at least 5 years of experience leading and/or managing teams with demonstrated ability to exercise sound judgment and discretion - Have strong working knowledge of NIST SP 800-171 and applicable federal cybersecurity compliance frameworks - Demonstrate the ability to translate policy and regulatory requirements into actionable security practices - Have experience balancing mission needs with security and compliance requirements in complex environments - Have familiarity with cloud security architectures, identity-first security models, or modern data platforms - Have experience using data and metrics to drive risk-based decisions - Possess excellent interpersonal, written, and oral communication skills, with a proven ability to operate effectively at all levels of leadership - Are able to obtain a Secret security clearance. If selected, you will be subject to a government security clearance investigation and must meet the requirements for access to classified information. Eligibility requirements include U.S. citizenship. Requirements - Have a Master's degree in Cybersecurity, Computer Science, Information Systems, a related field, or requisite experience, including significant cybersecurity leadership experience spanning both GRC and security operations - Have experience standing up or restructuring security operations functions, including defining mission scope and building teams - Have experience leading organizational transformation or modernization initiatives within a cybersecurity program - Have experience integrating security telemetry, behavioral analytics, or automated tooling into compliance or risk management workflows - Have experience implementing quantitative or risk-based decision frameworks - Hold relevant professional certifications (e.g., CISSP, CISM, CRISC) - Have an understanding of attack methodologies used by Nation State actors and the ATT&CK matrix to effectively assess risk Benefits - Generous benefits, including a robust education assistance program - Unparalleled retirement contributions - Healthy work/life balance - Comprehensive benefits package including retirement plans, paid time off, medical, dental, vision, life insurance, short-term disability, long-term disability, flexible spending accounts, education assistance, and training and development

Role Description Are you organized, able to manage multiple tasks, and pay attention to details? If you love the buzz of getting the right resources to the right people: fast, accurately, and with a smile, this is the place to shine. If so, we're looking for someone like you to join our team at APL. We’re on the hunt for a Procurement Operations Administrator who thrives on turning needs into reality. In this role you will: - Drive the end-to-end procurement process for programs in the Asymmetric Operations Sector. - Partner hand-in-hand with project teams to deliver timely, compliant subcontracts and material purchases. - Become part of a tight-knit crew of procurement operations admins who live for smooth, on-schedule procurements. - Ensure all project procurements (material, subcontracts, Special Test Equipment (STE) and miscellaneous other direct costs) are processed accurately and efficiently in order to meet project schedules. - Work on foreign orders with ITCO and legal, with Government certified vendors on telecommunication purchases and procurements on fabrication orders. - Handle a variety of complex procurements where you will evaluate best processes and alternative solutions to ensure Government regulations and APL procedures are followed. - Ensure the completion of the work, service or delivery of the material or equipment has been fulfilled. - Maintain liaison with vendors and purchasing group to secure and provide information concerning special requirements for supplies, equipment and services or to resolve procurement issues. - Keep abreast of new product information and review appropriate literature to provide guidance to program teams in determining the sources of vendors and products. - Reconcile procurement cards weekly. - Set up and maintain automated files and logs for tracking procurements. - Perform additional duties to assist in department activities as needed. - Drive process changes by identifying process and efficiency improvements, problem-solving, and working with varying teams to implement change and updates. Note: This job summary and listing of duties is for the purpose of describing the position and its essential functions at time of hire and may change over time. Qualifications - 5 or more years of administrative experience in one or more key functional areas. - Applied working knowledge of the Labs procurement processes, including eBuy, PCards and purchase requisitions in EBSS. - Demonstrates the ability to accomplish multiple tasks and prioritize work, proficiency in carrying out duties with attention to detail, excellent interpersonal skills and recommendations on process improvement. - Ability to demonstrate initiative and interact well with different levels of staff with little supervision. - Proficient MS Excel skills. - Able to obtain a Secret level security clearance. If selected, you will be subject to a government security clearance investigation and must meet the requirements for access to classified information. Eligibility requirements include U.S. citizenship. Requirements - Comprehensive knowledge of APL practices and procedures, purchasing, and budgetary. - Knowledge and experience with AOS Operations. - Familiar with AOS eBuy. Benefits - Generous benefits, including a robust education assistance program. - Unparalleled retirement contributions. - Healthy work/life balance. - Comprehensive benefits package including retirement plans, paid time off, medical, dental, vision, life insurance, short-term disability, long-term disability, flexible spending accounts, education assistance, and training and development.

Description Do you have the enthusiasm and curiosity to seek, tackle, and create opportunities to solve the Nation’s hardest cyber and intelligence challenges? Are you passionate about ensuring the resilience of National Security Systems and critical infrastructure against the most advanced cyber threats? Do you thrive at conceptualizing strategies and working across partner organizations to implement those strategies to drive high impact results supporting the Department of Defense (DoD), Intelligence Community (IC), and state and local government partners? If so, we’re looking for someone like you to join our team at APL. We are seeking a senior cyber leader to develop and execute cyber resilience strategies, mission concepts, and operational capabilities that strengthen National Security Systems and critical infrastructure. The ideal candidate brings experience in cyber operations, intelligence, technical program leadership, risk management, sponsor engagement, and cross-organizational coordination across DoD, IC, DOE, and other government partners. You’ll join a mission-driven team of researchers, scientists, and engineers working to protect the Nation’s most critical infrastructure, including SCADA systems in electric utilities, PLC-controlled systems in manufacturing plants, automated HVAC/BAS in secure government buildings, and defense industrial base assets. Together, we strive to foster innovation and achieve mission impact through the application of science and technology to real-world challenges. As a member of our team, you will help develop transformational capabilities and strategies focused on cyber resilience for National Security Systems and critical infrastructure. As a Cyber Resilient Capability Development Lead, you will… - Lead cyber resilience programs from concept through execution, including scope, schedule, resources, budget, risk, compliance, and reporting - Collaborate with sponsors and mission partners to define objectives, success criteria, and capability roadmaps - Integrate offensive and defensive cyber perspectives into mission planning, vulnerability analysis, and resilience solutions - Lead cross-functional teams, produce and deliver senior-level executive briefings, and move capabilities from planning into operational use - Perform system security gap analysis, assess commercial tools for government use, and develop concepts of operation (CONOPS) and planning products for senior leaders - Support testing and evaluation efforts with technical teams in critical infrastructure environments - Engage in red teaming exercises and adversary emulation - Analyze requirements and architect systems Qualifications You meet our minimum qualifications for the job if you… - Possess a Bachelor's in information technology, cybersecurity, cyber operations, or another field relevant to the duties as described above - Have 10+ years of experience in cybersecurity, cyber operations, intelligence, or related national security missions - Possess a strong background in network security, mission analysis, vulnerability assessments, system security gap analysis, and stakeholder engagement - Have 10+ years of experience leading technical programs or mission teams supporting DoD, IC, DOE, or other government sponsors - Possess excellent leadership, writing, briefing, and team development skills - Can confidently represent technical concepts to sponsors and stakeholders, including knowledge of applicable government regulations, standards, and policies. - Are skilled in sponsor engagement - Have proven ability to influence prospective partners, executives, and teams - Have the ability to network and collaborate across organizations and with external partners - Have experience leading cross-organization and cross-functional teams - Are able to obtain a Top Secret level security clearance by your start date and can ultimately obtain TS/SCI+poly level clearance. If selected, you will be subject to a government security clearance investigation and must meet the requirements for access to classified information. Eligibility requirements include U.S. citizenship. You’ll go above and beyond our minimum requirements if you… - Have experience in a national laboratory, Combatant Command, or joint cyber environment - Possess offensive cyber operations leadership - Have published research in cybersecurity or related fields - Are interest or developing experience in ICS/SCADA and critical infrastructure resilience - Have Active Top Secret or above clearance About Us Why Work at APL? The Johns Hopkins University Applied Physics Laboratory (APL) brings world-class expertise to our nation’s most critical defense, security, space and science challenges. While we are dedicated to solving complex challenges and pioneering new technologies, what makes us truly outstanding is our culture. We offer a vibrant, welcoming atmosphere where you can bring your authentic self to work, continue to grow, and build strong connections with inspiring teammates. At APL, we celebrate our differences of perspectives and encourage creativity and bold, new ideas. Our employees enjoy generous benefits, including a robust education assistance program, unparalleled retirement contributions, and a healthy work/life balance. APL’s campus is located in the Baltimore-Washington metro area. Learn more about our career opportunities at http://www.jhuapl.edu/careers. All qualified applicants will receive consideration for employment without regard to race, creed, color, religion, sex, gender identity or expression, sexual orientation, national origin, age, physical or mental disability, genetic information, veteran status, occupation, marital or familial status, political opinion, personal appearance, or any other characteristic protected by applicable law. APL is committed to providing reasonable accommodation to individuals of all abilities, including those with disabilities. If you require a reasonable accommodation to participate in any part of the hiring process, please contact Accommodations@jhuapl.edu. The referenced pay range is based on JHU APL’s good faith belief at the time of posting. Actual compensation may vary based on factors such as geographic location, work experience, market conditions, education/training and skill level with consideration for internal parity. For salaried employees scheduled to work less than 40 hours per week, annual salary will be prorated based on the number of hours worked. APL may offer bonuses or other forms of compensation per internal policy and/or contractual designation. Additional compensation may be provided in the form of a sign-on bonus, relocation benefits, locality allowance or discretionary payments for exceptional performance. APL provides eligible staff with a comprehensive benefits package including retirement plans, paid time off, medical, dental, vision, life insurance, short-term disability, long-term disability, flexible spending accounts, education assistance, and training and development. Applications are accepted on a rolling basis. Minimum Rate $105,000 Annually Maximum Rate $290,000 Annually