Founded in 1987 by the late David Packard, MBARI is a nonprofit oceanographic research center advancing marine science and engineering to understand our changing ocean. Located in Moss Landing, California, the heart of the Monterey Bay National Marine Sanctuary, MBARI offers ready access to the open ocean and deep sea. Ongoing research programs range across autonomous and remotely operated underwater vehicle systems, control technologies, ocean physics, chemistry, geology, biology, ocean instrumentation, and information management. MBARI hosts approximately 200 employees, with shore facilities that include state-of-the-art science and engineering laboratories, manufacturing and electrical fabrication shops, and dock facilities for MBARI vessels.

The Monterey Bay Aquarium Research Institute is seeking an experienced Information Systems Security Administrator that is driven to bring quality and passion to their work. In the pursuit of better understanding the Ocean, MBARI heavily emphasizes an environment of collaboration across all of our teams of researchers, engineers, and staff. Located directly on the beach in Moss Landing, CA, our offices and related facilities support this collaborative effort by providing unprecedented access to the Ocean.

Reporting to the Information Systems Manager, you will contribute directly to designing, deploying, and maintaining the security and operations of information systems in use at MBARI. Primarily focusing on Cybersecurity, you will also have the opportunity to expand your knowledge in other IT-related focus areas.

Primary responsibilities:
● Propose, implement, and maintain cybersecurity policies for both land-based facilities as well as sea-going assets, including research vessels.
● Manage cybersecurity protections for the organization’s infrastructure of information systems, defining and applying policies and deploying security-focused software solutions.
● Implement controls to ensure compliance with appropriate and established frameworks.
● Monitor, analyze, and respond to security incidents and threats to mitigate risks and maintain the integrity of the organization’s data and systems.
● Collaborate with cross-functional teams to develop and implement cybersecurity strategies and initiatives to enhance the organization’s overall security posture.
● Stay up-to-date on emerging cybersecurity threats, trends, and technologies to proactively recommend and implement security enhancements.
● Provide technical support and troubleshooting assistance to resolve cybersecurity-related issues and incidents.
● Assist in the development and delivery of cybersecurity training and awareness programs for employees to promote a culture of security awareness and compliance.
● Participate in compliance audits and assessments, including preparing documentation and reports, to ensure adherence to regulatory requirements and industry standards.
● Participate in disaster recovery scenarios and advise in best-practices related to disaster recovery.
● Oversee management and deployment of institute antivirus/EDR/XDR.
● Perform other Information Systems Administrator duties as assigned.

Required qualifications:
● 2-3 Years general systems administration experience, including familiarity with network protocols, server operating systems, cloud computing platforms, virtualization, etc.
● 2-3 Years of proven experience as an Information Systems Administrator with a focus on cybersecurity.
● In-depth knowledge of cybersecurity principles, practices, and technologies, with a strong understanding of frameworks including NIST CSF.
● Hands-on experience with security tools and technologies such as firewalls, intrusion detection/prevention systems, EDR/XDR, encryption, etc.
● Strong analytical and problem-solving skills with the ability to quickly identify and resolve security issues.
● Excellent communication and interpersonal skills, with the ability to effectively collaborate with stakeholders at all levels of the organization.
● Must be willing to go to sea aboard a research vessel for occasional short specified periods.

Desired qualifications:
● Experience with the management and administration of network switches, routers, and wireless infrastructure.
● Experience with the management and administration of web servers such as apache and nginx.
● Relevant certifications such as CISSP, CISM, CompTIA Security+, etc