Montana State University
Bozeman, MT, USA
Security Analyst II
Montana State University
Position Information
Announcement Number: STAFF - VA - 26297
For questions regarding this position, please contact:
John Williams john.williams25@montana.edu 406-994-6391
Classification Title: Computer Sftwr Eng/Appl II
Working Title: Security Analyst II
Brief Position Overview
The full-time Security Analyst provides technical and administrative support to ensure the security of MSU’s environment. The primary responsibilities of this position include information, application, and system security assessments; the maintenance and operation of security-focused applications; training and awareness; and incident mitigation and response. This role functions as a resource to the four-campus MSU Enterprise, providing consulting and advisory services to technical and functional users on all MSU campuses on matters related to information and application security.
Under the supervision of the Chief Information Security Officer, this full-time position works closely with the technical and administrative staff throughout the four MSU campuses and the IT Community to maintain and improve the security of MSU’s data and IT resources.
Position Number: 4M0247
Department: UIT Info Security
Division: VP for Information Technology
Appointment Type: Classified
Contract Term: Fiscal Year
Semester:
If other, specify From date:
If other, specify End date:
FLSA: Exempt
Union Affiliation: FOCUS-MFPE
FTE: 1.0
Benefits Eligible: Eligible
Salary: $34.88 per hour, commensurate with experience, education, and qualifications
Contract Type: Classified Salary
If other, please specify:
Recruitment Type: Open
Position Details
General Statement
In support of the Montana State University mission, University Information Technology promotes, develops, delivers, and facilitates the use of information technology services and resources.
Duties and Responsibilities
Provide general security monitoring, consultation, vulnerability remediation, and incident response. Serve as a subject matter expert across a range of server, application, and networking technologies to ensure proper security controls and practices. Analyze and remediate potential security issues identified by a range of internal and external tools and resources, with consistent follow-through ensuring accurate resolution. Design, implement, and manage a range of security services in coordination with information practitioners across MSU. Collaborate with a range of technical professionals across MSU on the identification and remediation of security issues. Provide technical support and expertise to software and hardware design efforts with a focus on secure architectures. Conduct technical training and security awareness presentations to a range of constituents across MSU.
Required Qualifications – Experience, Education, Knowledge & Skills
1. Demonstrated experience with security and privacy best practices as well as incident response. 2. Demonstrated experience with server and desktop operating systems. 3. Demonstrated experience with information security tools and practices. 4. Demonstrated experience with operating system and network traffic behavior and trend analysis. 5. Demonstrated experience with data loss prevention, vulnerability management, threat hunting, anti-malware tools, and SIEMs in a higher education environment.
Preferred Qualifications – Experience, Education, Knowledge & Skills
1. Advanced knowledge of network protocols, firewalls, and associated risks. 2. Hands-on systems and networking administration experience. 3. Demonstrated experience supporting ERP and other enterprise software and Web application environments. 4. Demonstrated experience providing both technical and functional users with training related to security best practices.
The Successful Candidate Will
Ability to conduct technical training and security awareness presentations to a range of constituents across MSU. Ability to communicate effectively both verbally and in written form. Demonstrated discretion in handling sensitive information and circumstances, including high-stress incident handling. Ability to multi-task, prioritize, and rapidly re-prioritize a variety of tasks at different levels of complexity and urgency.
Position Special Requirements/Additional Information
This position is not eligible for sponsorship.
This job description should not be construed as an exhaustive statement of duties, responsibilities or requirements, but a general description of the job. Nothing contained herein restricts Montana State University’s rights to assign or reassign duties and responsibilities to this job at any time.
Physical Demands
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily with or without reasonable accommodations. The requirements listed above are representative of the knowledge, skill, and/or ability required.
This position has supervisory duties?: No
Posting Detail Information
Number of Vacancies: 1
Desired Start Date: Upon completion of a successful search
Position End Date (if temporary):
Open Date:
Close Date:
Applications will be:
Screening of applications will begin on March 31, 2026; however, applications will continue to be accepted until an adequate applicant pool has been established.
Special Instructions
This position is not eligible for sponsorship.
EEO Statement
Montana State University is an equal opportunity employer. MSU does not discriminate against any applicant on the basis of race, color, religion, creed, political ideas, sex, sexual orientation, gender identity or expression, age, marital status, national origin, physical or mental disability, or any other protected class status in violation of any applicable law.
In compliance with the Montana Veteran’s Employment Preference Act, MSU provides preference in employment to veterans, disabled veterans, and certain eligible relatives of veterans. To claim veteran’s preference, please complete the veteran’s preference information located in the Demographics section of your profile.
Applicant Documents
Required Documents
1. Resume 2. Cover Letter
To apply, visit https://apptrkr.com/6972466
Full Time
Security Analyst II
Montana State University
Position Information
Announcement Number: STAFF - VA - 26297
For questions regarding this position, please contact:
John Williams john.williams25@montana.edu 406-994-6391
Classification Title: Computer Sftwr Eng/Appl II
Working Title: Security Analyst II
Brief Position Overview
The full-time Security Analyst provides technical and administrative support to ensure the security of MSU’s environment. The primary responsibilities of this position include information, application, and system security assessments; the maintenance and operation of security-focused applications; training and awareness; and incident mitigation and response. This role functions as a resource to the four-campus MSU Enterprise, providing consulting and advisory services to technical and functional users on all MSU campuses on matters related to information and application security.
Under the supervision of the Chief Information Security Officer, this full-time position works closely with the technical and administrative staff throughout the four MSU campuses and the IT Community to maintain and improve the security of MSU’s data and IT resources.
Position Number: 4M0247
Department: UIT Info Security
Division: VP for Information Technology
Appointment Type: Classified
Contract Term: Fiscal Year
Semester:
If other, specify From date:
If other, specify End date:
FLSA: Exempt
Union Affiliation: FOCUS-MFPE
FTE: 1.0
Benefits Eligible: Eligible
Salary: $34.88 per hour, commensurate with experience, education, and qualifications
Contract Type: Classified Salary
If other, please specify:
Recruitment Type: Open
Position Details
General Statement
In support of the Montana State University mission, University Information Technology promotes, develops, delivers, and facilitates the use of information technology services and resources.
Duties and Responsibilities
Provide general security monitoring, consultation, vulnerability remediation, and incident response. Serve as a subject matter expert across a range of server, application, and networking technologies to ensure proper security controls and practices. Analyze and remediate potential security issues identified by a range of internal and external tools and resources, with consistent follow-through ensuring accurate resolution. Design, implement, and manage a range of security services in coordination with information practitioners across MSU. Collaborate with a range of technical professionals across MSU on the identification and remediation of security issues. Provide technical support and expertise to software and hardware design efforts with a focus on secure architectures. Conduct technical training and security awareness presentations to a range of constituents across MSU.
Required Qualifications – Experience, Education, Knowledge & Skills
1. Demonstrated experience with security and privacy best practices as well as incident response. 2. Demonstrated experience with server and desktop operating systems. 3. Demonstrated experience with information security tools and practices. 4. Demonstrated experience with operating system and network traffic behavior and trend analysis. 5. Demonstrated experience with data loss prevention, vulnerability management, threat hunting, anti-malware tools, and SIEMs in a higher education environment.
Preferred Qualifications – Experience, Education, Knowledge & Skills
1. Advanced knowledge of network protocols, firewalls, and associated risks. 2. Hands-on systems and networking administration experience. 3. Demonstrated experience supporting ERP and other enterprise software and Web application environments. 4. Demonstrated experience providing both technical and functional users with training related to security best practices.
The Successful Candidate Will
Ability to conduct technical training and security awareness presentations to a range of constituents across MSU. Ability to communicate effectively both verbally and in written form. Demonstrated discretion in handling sensitive information and circumstances, including high-stress incident handling. Ability to multi-task, prioritize, and rapidly re-prioritize a variety of tasks at different levels of complexity and urgency.
Position Special Requirements/Additional Information
This position is not eligible for sponsorship.
This job description should not be construed as an exhaustive statement of duties, responsibilities or requirements, but a general description of the job. Nothing contained herein restricts Montana State University’s rights to assign or reassign duties and responsibilities to this job at any time.
Physical Demands
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily with or without reasonable accommodations. The requirements listed above are representative of the knowledge, skill, and/or ability required.
This position has supervisory duties?: No
Posting Detail Information
Number of Vacancies: 1
Desired Start Date: Upon completion of a successful search
Position End Date (if temporary):
Open Date:
Close Date:
Applications will be:
Screening of applications will begin on March 31, 2026; however, applications will continue to be accepted until an adequate applicant pool has been established.
Special Instructions
This position is not eligible for sponsorship.
EEO Statement
Montana State University is an equal opportunity employer. MSU does not discriminate against any applicant on the basis of race, color, religion, creed, political ideas, sex, sexual orientation, gender identity or expression, age, marital status, national origin, physical or mental disability, or any other protected class status in violation of any applicable law.
In compliance with the Montana Veteran’s Employment Preference Act, MSU provides preference in employment to veterans, disabled veterans, and certain eligible relatives of veterans. To claim veteran’s preference, please complete the veteran’s preference information located in the Demographics section of your profile.
Applicant Documents
Required Documents
1. Resume 2. Cover Letter
To apply, visit https://apptrkr.com/6972466
Montana State University
Bozeman, MT, USA
IT Security Architect
Montana State University
Position Information
Announcement Number: STAFF - VA - 26187
For questions regarding this position, please contact:
John Williams john.williams25@montana.edu 406-994-7841
Classification Title: Net Sys/Comm Analyst III
Working Title: IT Security Architect
Brief Position Overview
The Security Architect will lead efforts to coordinate the development, documentation, and implementation of initiatives to improve the security of MSU’s IT environment. The primary responsibilities of this position are to, using the NIST Cybersecurity Framework (CSF) as a guide, assess the security posture of MSU’s four-campus IT environment and coordinate initiatives to identify, document, and implement standards to improve the confidentiality, integrity, and availability of MSU’s IT resources.
Under the supervision of the Chief Information Security Officer, this full-time position works closely with the technical and administrative staff throughout the four MSU campuses and the IT Community to maintain and improve the security of MSU’s data and IT resources.
Position Number: 4M1266
Department: UIT Information Security Group
Division: VP for Information Technology
Appointment Type: Classified
Contract Term: Fiscal Year
Semester:
If other, specify From date:
If other, specify End date:
FLSA: Exempt
Union Affiliation: FOCUS-MFPE
FTE: 1.0
Benefits Eligible: Eligible
Salary: Salary range of $40.032 to $56.045 hourly, commensurate with experience, education, and qualifications
Contract Type: Classified Salary
If other, please specify:
Recruitment Type: Open
Position Details
General Statement
In support of the Montana State University mission, University Information Technology promotes, develops, delivers, and facilitates the use of information technology services and resources.
Duties and Responsibilities
• Develop and maintain security policies and standards for MSU’s four-campus IT environment. • Conduct or coordinate risk assessments and audits using the NIST CSF, and other NIST frameworks (NIST 800-171) to identify and prioritize opportunities to mitigate threats and risks to MSU’s systems and data. • Evaluate and recommend solutions and technologies to improve MSU’s security posture. • Collaborate with interdisciplinary units to identify, prioritize, and implement mitigating controls for identified risks. This includes, but is not limited to, networking, system administration, enterprise services, desktop and user support, and application development. • Assist in the planning for, coordination of, and response to, security incidents.
Required Qualifications – Experience, Education, Knowledge & Skills
1. Bachelor’s degree and a track record of progressively responsible experience in information technology, or an equivalent combination of education and experience. 2. Advanced knowledge of network protocols, firewalls, and associated risks. 3. Hands-on systems and networking administration experience. 4. Demonstrated experience supporting ERP and other enterprise software and Web application environments. 5. Demonstrated experience with data loss prevention, vulnerability management, threat hunting, anti-malware tools, and SIEMs in a higher education environment. 6. Demonstrated experience providing both technical and functional users with training related to security best practices. 7. Demonstrated experience using a risk-based approach to identify and prioritize new initiatives. 8. Demonstrated experience with assessing functional requirements to ensure a balanced approach to security with business needs in mind. 9. Demonstrated experience with the implementation and maintenance of the principle of least privilege.
Preferred Qualifications – Experience, Education, Knowledge & Skills
1. A Bachelor’s degree with an emphasis on cybersecurity (Master’s degree preferred). 2. Demonstrated ability to coordinate among interdisciplinary units to work toward a common goal. 3. Experience working in a multi-campus higher education environment. 4. Experience responding to, and helping to manage, security incidents.
The Successful Candidate Will
•Ability to communicate effectively both verbally and in written form. • Demonstrated discretion in handling sensitive information and circumstances, including high-stress incident handling. • Ability to multi-task, prioritize, and rapidly re-prioritize a variety of tasks at different levels of complexity and urgency.
Position Special Requirements/Additional Information
This job description should not be construed as an exhaustive statement of duties, responsibilities or requirements, but a general description of the job. Nothing contained herein restricts Montana State University’s rights to assign or reassign duties and responsibilities to this job at any time.
This position is not eligible for sponsorship.
Physical Demands
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily with or without reasonable accommodations. The requirements listed above are representative of the knowledge, skill, and/or ability required.
This position has supervisory duties?: No
Posting Detail Information
Number of Vacancies: 1
Desired Start Date: Upon completion of a successful search
Position End Date (if temporary):
Open Date:
Close Date:
Applications will be:
Screening of applications will begin on November 20, 2025; however, applications will continue to be accepted until an adequate applicant pool has been established.
Special Instructions
EEO Statement
Montana State University is an equal opportunity employer. MSU does not discriminate against any applicant on the basis of race, color, religion, creed, political ideas, sex, sexual orientation, gender identity or expression, age, marital status, national origin, physical or mental disability, or any other protected class status in violation of any applicable law.
In compliance with the Montana Veteran’s Employment Preference Act, MSU provides preference in employment to veterans, disabled veterans, and certain eligible relatives of veterans. To claim veteran’s preference, please complete the veteran’s preference information located in the Demographics section of your profile.
Applicant Documents
Required Documents
1. Resume 2. Cover Letter
To apply, visit https://apptrkr.com/6704643
Full Time
IT Security Architect
Montana State University
Position Information
Announcement Number: STAFF - VA - 26187
For questions regarding this position, please contact:
John Williams john.williams25@montana.edu 406-994-7841
Classification Title: Net Sys/Comm Analyst III
Working Title: IT Security Architect
Brief Position Overview
The Security Architect will lead efforts to coordinate the development, documentation, and implementation of initiatives to improve the security of MSU’s IT environment. The primary responsibilities of this position are to, using the NIST Cybersecurity Framework (CSF) as a guide, assess the security posture of MSU’s four-campus IT environment and coordinate initiatives to identify, document, and implement standards to improve the confidentiality, integrity, and availability of MSU’s IT resources.
Under the supervision of the Chief Information Security Officer, this full-time position works closely with the technical and administrative staff throughout the four MSU campuses and the IT Community to maintain and improve the security of MSU’s data and IT resources.
Position Number: 4M1266
Department: UIT Information Security Group
Division: VP for Information Technology
Appointment Type: Classified
Contract Term: Fiscal Year
Semester:
If other, specify From date:
If other, specify End date:
FLSA: Exempt
Union Affiliation: FOCUS-MFPE
FTE: 1.0
Benefits Eligible: Eligible
Salary: Salary range of $40.032 to $56.045 hourly, commensurate with experience, education, and qualifications
Contract Type: Classified Salary
If other, please specify:
Recruitment Type: Open
Position Details
General Statement
In support of the Montana State University mission, University Information Technology promotes, develops, delivers, and facilitates the use of information technology services and resources.
Duties and Responsibilities
• Develop and maintain security policies and standards for MSU’s four-campus IT environment. • Conduct or coordinate risk assessments and audits using the NIST CSF, and other NIST frameworks (NIST 800-171) to identify and prioritize opportunities to mitigate threats and risks to MSU’s systems and data. • Evaluate and recommend solutions and technologies to improve MSU’s security posture. • Collaborate with interdisciplinary units to identify, prioritize, and implement mitigating controls for identified risks. This includes, but is not limited to, networking, system administration, enterprise services, desktop and user support, and application development. • Assist in the planning for, coordination of, and response to, security incidents.
Required Qualifications – Experience, Education, Knowledge & Skills
1. Bachelor’s degree and a track record of progressively responsible experience in information technology, or an equivalent combination of education and experience. 2. Advanced knowledge of network protocols, firewalls, and associated risks. 3. Hands-on systems and networking administration experience. 4. Demonstrated experience supporting ERP and other enterprise software and Web application environments. 5. Demonstrated experience with data loss prevention, vulnerability management, threat hunting, anti-malware tools, and SIEMs in a higher education environment. 6. Demonstrated experience providing both technical and functional users with training related to security best practices. 7. Demonstrated experience using a risk-based approach to identify and prioritize new initiatives. 8. Demonstrated experience with assessing functional requirements to ensure a balanced approach to security with business needs in mind. 9. Demonstrated experience with the implementation and maintenance of the principle of least privilege.
Preferred Qualifications – Experience, Education, Knowledge & Skills
1. A Bachelor’s degree with an emphasis on cybersecurity (Master’s degree preferred). 2. Demonstrated ability to coordinate among interdisciplinary units to work toward a common goal. 3. Experience working in a multi-campus higher education environment. 4. Experience responding to, and helping to manage, security incidents.
The Successful Candidate Will
•Ability to communicate effectively both verbally and in written form. • Demonstrated discretion in handling sensitive information and circumstances, including high-stress incident handling. • Ability to multi-task, prioritize, and rapidly re-prioritize a variety of tasks at different levels of complexity and urgency.
Position Special Requirements/Additional Information
This job description should not be construed as an exhaustive statement of duties, responsibilities or requirements, but a general description of the job. Nothing contained herein restricts Montana State University’s rights to assign or reassign duties and responsibilities to this job at any time.
This position is not eligible for sponsorship.
Physical Demands
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily with or without reasonable accommodations. The requirements listed above are representative of the knowledge, skill, and/or ability required.
This position has supervisory duties?: No
Posting Detail Information
Number of Vacancies: 1
Desired Start Date: Upon completion of a successful search
Position End Date (if temporary):
Open Date:
Close Date:
Applications will be:
Screening of applications will begin on November 20, 2025; however, applications will continue to be accepted until an adequate applicant pool has been established.
Special Instructions
EEO Statement
Montana State University is an equal opportunity employer. MSU does not discriminate against any applicant on the basis of race, color, religion, creed, political ideas, sex, sexual orientation, gender identity or expression, age, marital status, national origin, physical or mental disability, or any other protected class status in violation of any applicable law.
In compliance with the Montana Veteran’s Employment Preference Act, MSU provides preference in employment to veterans, disabled veterans, and certain eligible relatives of veterans. To claim veteran’s preference, please complete the veteran’s preference information located in the Demographics section of your profile.
Applicant Documents
Required Documents
1. Resume 2. Cover Letter
To apply, visit https://apptrkr.com/6704643
Montana State University
Bozeman, MT, USA
Controlled Unclassified Information, Information Systems Security Manager
Montana State University
Position Information
Announcement Number: STAFF - VA - 26148
For questions regarding this position, please contact: John Williams john.williams25@montana.edu 406-994-7841
Classification Title: IT Professional
Working Title: Controlled Unclassified Information, Information Systems Security Manager
Brief Position Overview
The Controlled Unclassified Information (CUI) Information Systems Security Manager (ISSM) will be responsible for the management and oversight of all CUI IT capabilities for Research, including planning, programming, and developing compliant IT capabilities for MSU stakeholders and contractors providing services, to ensure compliance with all evolving Research and CUI protection requirements. The Controlled Unclassified Information ISSM at Montana State University will report to the Chief Information Security Officer (CISO) in University Information Technology, supporting work across all MSU Research units under Research and Economic Development.
Position Number: 4C1114
Department: UIT Info Security
Division: VP for Information Technology
Appointment Type: Professional
Contract Term: Fiscal Year
Semester:
If other, specify From date:
If other, specify End date:
FLSA: Exempt
Union Affiliation: Exempt from Collective Bargaining
FTE: 1.0 FTE
Benefits Eligible: Eligible
Salary: $120,000 annually, commensurate with experience, education, and qualifications.
Contract Type: LOA
If other, please specify:
Recruitment Type: Open
Position Details
General Statement
The CUI Information Systems Security Manager supports Montana State University’s IT mission by developing and accessing compliant IT capabilities for Research contracts containing Controlled Unclassified Information (CUI) IT requirements in accordance with Executive Order 13556, 32 CFR 2002, Federal Acquisition Regulations (FAR), Defense Federal Acquisition Regulation Supplements (DFARS), the Defense Counterintelligence and Security Agency (DCSA) or other government entities who execute research contracts with MSU.
The CUI Information Systems Security Manager will remain current with training and guidance provided by the National Archives and Records Administration (NARA) and the Information Security Oversight Office (ISOO) as well as all requirements levied by federal government entities associated with MSU research contracts.
Duties and Responsibilities
This position will support stakeholders by developing and providing a compliant IT framework, processes, procedures, and resources required to work with CUI, including working with IT staff, researchers, and key stakeholders to design compliant solutions in order to meet functional needs; and direct efforts for support and troubleshooting of CUI IT issues.
This position will also work in required governmental systems of record to provide federal and state entities responses to compliance inquiries and to report compliance with established standards under NIST SP 800-171, the Cybersecurity Maturation Model Certification (CMMC) Program, and any newly established standards for information protection levied by research contracts or federal law.
Duties will include, but are not limited to, tasks such as the following: • Provide expertise and coordinate the development of University Research information security technical standards, guidelines, and procedures, based on a recognized framework of best practices and in support of Montana State University policies and regulations, such as Cybersecurity Maturity Model Certification (CMMC), NIST 800-171, and NIST 800-53. • Contribute CUI cybersecurity knowledge and information to assist with risk analysis and risk management activities, and security and compliance reviews. • Prepare and maintain system security plans (SSPs) and plans of action and milestones (POA&M) for various CUI IT capabilities supporting research projects. • In conjunction with the MSU Research Security Program, review research proposals with CUI elements and requirements, and develop contract-specific CUI Information Technology capabilities, as required. • Develop and implement the management of compliant CUI IT systems to effectively manage processes around user onboarding, offboarding and maintaining appropriate permissions for access to CUI IT resources, working in conjunction with the Office of Research Security and UIT’s Research CIO and team. • Develop processes for appropriate oversight and management of all CUI endpoints including inventory management, patching, auditing, inspecting, upgrading, troubleshooting and supporting necessary requirements for any endpoint accessing CUI information systems or otherwise processing CUI for any research contract. • Develop and maintain processes to manage user access and configuration for IT Information Systems and Servers and manage CUI IT user accounts and ensure that users with access are properly trained and using the resource in accordance with Technology Control Plans. • Develop or review Technology Control Plans and other required CUI documents in coordination with the MSU Research Security Program pertaining to Information Technology as needed. • Develop streamlined processes and procedures involving stakeholders to expedite training, access, oversight, and support for internal and external customers. • Conduct site-visits, inspections and audits at locations where MSU works with CUI to ensure IT security practices, procedures, policies, and guidance are being followed. • Utilize the Supplier Performance Risk System (SPRS) and other government or 3rd party systems of record to develop and provide reports and perform necessary actions to achieve or maintain compliance standards. • Actively remain current and knowledgeable on existing and newly emerging Federal Government standards, policies, regulations and laws pertaining to CUI Information Technology management and security control requirements. Secure industry-standard Information Assurance certifications appropriate to the position as required by management. • Perform supervisory functions directly and indirectly with Research IT employees in various departments across MSU. Oversee and direct the deployment of CUI policies, guidance and procedures, and work with centers, institutes and departments to ensure consistent implementation of Research CIO’s guidance for CUI within Research contracts.
Required Qualifications – Experience, Education, Knowledge & Skills
1. Demonstrated progressively responsible experience working with IT-focused management of information security programs. 2. Demonstrated experience working with Controlled Unclassified Information (CUI) pursuant to requirements in 32 CFR 2002. 3. Demonstrated knowledge and experience working with various security and regulatory compliance standards, such as the Cybersecurity Maturity Model Certification (CMMC); NIST SP 800-171 and NIST SP 800-53. 4. Demonstrated experience using written and verbal communication skills to present technical information and technical solutions. 5. Bachelor’s Degree in Information Systems, Computer Science, Computer Engineering or related, or an equivalent combination of education and experience.
Preferred Qualifications – Experience, Education, Knowledge & Skills
1. Master’s Degree in Information Technology or directly relevant discipline. 2. Experience working with US government security policies, regulations, and procedures to include implementation and management of compliance processes, procedures, and best practices. 3. Prior experience working in University Research environments with federal information protection requirements. 4. Demonstrated familiarity with any of the following key elements: Federal Acquisition Regulations (FAR), Defense Federal Acquisition Regulation Supplements (DFARS), the Information Security Oversight Office (ISOO) and/or the Defense Counterintelligence and Security Agency (DCSA) 5. If not already held, this position prefers the applicant to be capable of obtaining industry-standard Information Assurance certifications appropriate to this position such as Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA) or similar within 6 months of established requirement. 6. Current or previous US government security clearance
The Successful Candidate Will
• Provide proactive leadership and subject matter expertise to identify federal processes and procedures and responsively provide solutions for CUI requirements supporting Controlled Research. • Be results-focused and an active problem solver, able to successfully operate nearly autonomously in a complex, fast-paced environment. • Possess and utilize excellent written, public speaking, and other communication skills to effectively develop and deliver CUI content for a variety of stakeholders. • Appropriately handle sensitive information and circumstances, including during high-stress incidents. • Collaborate effectively with law enforcement, technical staff, and executive personnel at the university and within the Federal Government. • Continuously strive to improve existing programs to enhance information security, expedite support, establish cost-saving measures, and streamline CUI program processes.
Position Special Requirements/Additional Information
This position is contingent upon continuation of funding.
Remote or Hybrid work schedule may be considered.
The successful candidate must be able to comply with the federally mandated requirements of U.S. export control laws, which may require proof that candidate is a U.S. person. Per 22 CFR §120.62, U.S. person means a person who is a lawful permanent resident as defined by 8 U.S.C. 1101(a)(20) or who is a protected individual as defined by 8 U.S.C. 1324b(a)(3).
This position may require the ability to obtain a Security Clearance and/or meet other government-defined restrictions appropriate for work level and access.
Other security-related requirements will include receiving favorable background checks by state and federal agencies pursuant to federal law and regulations.
This job description should not be construed as an exhaustive statement of duties, responsibilities, or requirements, but a general description of the job. Nothing contained herein restricts Montana State University’s rights to assign or reassign duties and responsibilities to this job at any time.
Physical Demands
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily with or without reasonable accommodations. The requirements listed above are representative of the knowledge, skill, and/or ability required.
This position has supervisory duties?: Yes
Posting Detail Information
Number of Vacancies: 1
Desired Start Date: Upon completion of a successful search
Position End Date (if temporary):
Open Date:
Close Date:
Applications will be: Screening of applications will begin on October 27, 2025; however, applications will continue to be accepted until an adequate applicant pool has been established.
Special Instructions
EEO Statement
Montana State University is an equal opportunity employer. MSU does not discriminate against any applicant on the basis of race, color, religion, creed, political ideas, sex, sexual orientation, gender identity or expression, age, marital status, national origin, physical or mental disability, or any other protected class status in violation of any applicable law.
In compliance with the Montana Veteran’s Employment Preference Act, MSU provides preference in employment to veterans, disabled veterans, and certain eligible relatives of veterans. To claim veteran’s preference, please complete the veteran’s preference information located in the Demographics section of your profile.
Applicant Documents
Required Documents
1. Resume 2. Cover Letter
To apply, visit https://apptrkr.com/6614868
Full Time
Controlled Unclassified Information, Information Systems Security Manager
Montana State University
Position Information
Announcement Number: STAFF - VA - 26148
For questions regarding this position, please contact: John Williams john.williams25@montana.edu 406-994-7841
Classification Title: IT Professional
Working Title: Controlled Unclassified Information, Information Systems Security Manager
Brief Position Overview
The Controlled Unclassified Information (CUI) Information Systems Security Manager (ISSM) will be responsible for the management and oversight of all CUI IT capabilities for Research, including planning, programming, and developing compliant IT capabilities for MSU stakeholders and contractors providing services, to ensure compliance with all evolving Research and CUI protection requirements. The Controlled Unclassified Information ISSM at Montana State University will report to the Chief Information Security Officer (CISO) in University Information Technology, supporting work across all MSU Research units under Research and Economic Development.
Position Number: 4C1114
Department: UIT Info Security
Division: VP for Information Technology
Appointment Type: Professional
Contract Term: Fiscal Year
Semester:
If other, specify From date:
If other, specify End date:
FLSA: Exempt
Union Affiliation: Exempt from Collective Bargaining
FTE: 1.0 FTE
Benefits Eligible: Eligible
Salary: $120,000 annually, commensurate with experience, education, and qualifications.
Contract Type: LOA
If other, please specify:
Recruitment Type: Open
Position Details
General Statement
The CUI Information Systems Security Manager supports Montana State University’s IT mission by developing and accessing compliant IT capabilities for Research contracts containing Controlled Unclassified Information (CUI) IT requirements in accordance with Executive Order 13556, 32 CFR 2002, Federal Acquisition Regulations (FAR), Defense Federal Acquisition Regulation Supplements (DFARS), the Defense Counterintelligence and Security Agency (DCSA) or other government entities who execute research contracts with MSU.
The CUI Information Systems Security Manager will remain current with training and guidance provided by the National Archives and Records Administration (NARA) and the Information Security Oversight Office (ISOO) as well as all requirements levied by federal government entities associated with MSU research contracts.
Duties and Responsibilities
This position will support stakeholders by developing and providing a compliant IT framework, processes, procedures, and resources required to work with CUI, including working with IT staff, researchers, and key stakeholders to design compliant solutions in order to meet functional needs; and direct efforts for support and troubleshooting of CUI IT issues.
This position will also work in required governmental systems of record to provide federal and state entities responses to compliance inquiries and to report compliance with established standards under NIST SP 800-171, the Cybersecurity Maturation Model Certification (CMMC) Program, and any newly established standards for information protection levied by research contracts or federal law.
Duties will include, but are not limited to, tasks such as the following: • Provide expertise and coordinate the development of University Research information security technical standards, guidelines, and procedures, based on a recognized framework of best practices and in support of Montana State University policies and regulations, such as Cybersecurity Maturity Model Certification (CMMC), NIST 800-171, and NIST 800-53. • Contribute CUI cybersecurity knowledge and information to assist with risk analysis and risk management activities, and security and compliance reviews. • Prepare and maintain system security plans (SSPs) and plans of action and milestones (POA&M) for various CUI IT capabilities supporting research projects. • In conjunction with the MSU Research Security Program, review research proposals with CUI elements and requirements, and develop contract-specific CUI Information Technology capabilities, as required. • Develop and implement the management of compliant CUI IT systems to effectively manage processes around user onboarding, offboarding and maintaining appropriate permissions for access to CUI IT resources, working in conjunction with the Office of Research Security and UIT’s Research CIO and team. • Develop processes for appropriate oversight and management of all CUI endpoints including inventory management, patching, auditing, inspecting, upgrading, troubleshooting and supporting necessary requirements for any endpoint accessing CUI information systems or otherwise processing CUI for any research contract. • Develop and maintain processes to manage user access and configuration for IT Information Systems and Servers and manage CUI IT user accounts and ensure that users with access are properly trained and using the resource in accordance with Technology Control Plans. • Develop or review Technology Control Plans and other required CUI documents in coordination with the MSU Research Security Program pertaining to Information Technology as needed. • Develop streamlined processes and procedures involving stakeholders to expedite training, access, oversight, and support for internal and external customers. • Conduct site-visits, inspections and audits at locations where MSU works with CUI to ensure IT security practices, procedures, policies, and guidance are being followed. • Utilize the Supplier Performance Risk System (SPRS) and other government or 3rd party systems of record to develop and provide reports and perform necessary actions to achieve or maintain compliance standards. • Actively remain current and knowledgeable on existing and newly emerging Federal Government standards, policies, regulations and laws pertaining to CUI Information Technology management and security control requirements. Secure industry-standard Information Assurance certifications appropriate to the position as required by management. • Perform supervisory functions directly and indirectly with Research IT employees in various departments across MSU. Oversee and direct the deployment of CUI policies, guidance and procedures, and work with centers, institutes and departments to ensure consistent implementation of Research CIO’s guidance for CUI within Research contracts.
Required Qualifications – Experience, Education, Knowledge & Skills
1. Demonstrated progressively responsible experience working with IT-focused management of information security programs. 2. Demonstrated experience working with Controlled Unclassified Information (CUI) pursuant to requirements in 32 CFR 2002. 3. Demonstrated knowledge and experience working with various security and regulatory compliance standards, such as the Cybersecurity Maturity Model Certification (CMMC); NIST SP 800-171 and NIST SP 800-53. 4. Demonstrated experience using written and verbal communication skills to present technical information and technical solutions. 5. Bachelor’s Degree in Information Systems, Computer Science, Computer Engineering or related, or an equivalent combination of education and experience.
Preferred Qualifications – Experience, Education, Knowledge & Skills
1. Master’s Degree in Information Technology or directly relevant discipline. 2. Experience working with US government security policies, regulations, and procedures to include implementation and management of compliance processes, procedures, and best practices. 3. Prior experience working in University Research environments with federal information protection requirements. 4. Demonstrated familiarity with any of the following key elements: Federal Acquisition Regulations (FAR), Defense Federal Acquisition Regulation Supplements (DFARS), the Information Security Oversight Office (ISOO) and/or the Defense Counterintelligence and Security Agency (DCSA) 5. If not already held, this position prefers the applicant to be capable of obtaining industry-standard Information Assurance certifications appropriate to this position such as Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA) or similar within 6 months of established requirement. 6. Current or previous US government security clearance
The Successful Candidate Will
• Provide proactive leadership and subject matter expertise to identify federal processes and procedures and responsively provide solutions for CUI requirements supporting Controlled Research. • Be results-focused and an active problem solver, able to successfully operate nearly autonomously in a complex, fast-paced environment. • Possess and utilize excellent written, public speaking, and other communication skills to effectively develop and deliver CUI content for a variety of stakeholders. • Appropriately handle sensitive information and circumstances, including during high-stress incidents. • Collaborate effectively with law enforcement, technical staff, and executive personnel at the university and within the Federal Government. • Continuously strive to improve existing programs to enhance information security, expedite support, establish cost-saving measures, and streamline CUI program processes.
Position Special Requirements/Additional Information
This position is contingent upon continuation of funding.
Remote or Hybrid work schedule may be considered.
The successful candidate must be able to comply with the federally mandated requirements of U.S. export control laws, which may require proof that candidate is a U.S. person. Per 22 CFR §120.62, U.S. person means a person who is a lawful permanent resident as defined by 8 U.S.C. 1101(a)(20) or who is a protected individual as defined by 8 U.S.C. 1324b(a)(3).
This position may require the ability to obtain a Security Clearance and/or meet other government-defined restrictions appropriate for work level and access.
Other security-related requirements will include receiving favorable background checks by state and federal agencies pursuant to federal law and regulations.
This job description should not be construed as an exhaustive statement of duties, responsibilities, or requirements, but a general description of the job. Nothing contained herein restricts Montana State University’s rights to assign or reassign duties and responsibilities to this job at any time.
Physical Demands
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily with or without reasonable accommodations. The requirements listed above are representative of the knowledge, skill, and/or ability required.
This position has supervisory duties?: Yes
Posting Detail Information
Number of Vacancies: 1
Desired Start Date: Upon completion of a successful search
Position End Date (if temporary):
Open Date:
Close Date:
Applications will be: Screening of applications will begin on October 27, 2025; however, applications will continue to be accepted until an adequate applicant pool has been established.
Special Instructions
EEO Statement
Montana State University is an equal opportunity employer. MSU does not discriminate against any applicant on the basis of race, color, religion, creed, political ideas, sex, sexual orientation, gender identity or expression, age, marital status, national origin, physical or mental disability, or any other protected class status in violation of any applicable law.
In compliance with the Montana Veteran’s Employment Preference Act, MSU provides preference in employment to veterans, disabled veterans, and certain eligible relatives of veterans. To claim veteran’s preference, please complete the veteran’s preference information located in the Demographics section of your profile.
Applicant Documents
Required Documents
1. Resume 2. Cover Letter
To apply, visit https://apptrkr.com/6614868
