Arctic Slope Technical Services is seeking an individual skilled in cybersecurity and its applicability in the cloud to join the Cybersecurity Services and Integration Division at NASA Goddard Space Flight Center (GSFC).
The successful candidate will have:
Knowledge and experience deploying, applying appropriate security control configurations/mitigations, and administering various Operating Systems to include Linux, Windows, MacOSX in standalone, client/server, and cloud-based environments (private, hybrid and commercial).
Strong understanding of federal cybersecurity standards including but not limited to NIST, FIPS, FedRAMP and NASA Security standards and policies to assist Information System Owners (ISOs), Information System Security Officers/Engineers (ISSOs/ISSEs) in providing proper controls and documentation to receive Authority To Operate (ATO) from NASA Authorizing Officials (AOs).
Demonstrated use of the NIST Risk Management Framework, including the NIST Special Publication (SP) series and other documents (i.e., recent revisions of SP800-53, FIPS-199/200, NIST Cybersecurity Framework) in the Cloud in AWS, Azure, OpenStack or Google Cloud Platform.
Ability to identify and apply security policies, mitigation and remediation strategies, and engineer security solutions beginning in the design and development phases through post implementation and assessment phases of projects with expertise in commercial Cloud and data security, and have expertise in commercial Cloud based systems architectures, applications, and infrastructure security.
Provide Cybersecurity expertise and identify where internal and external controls are necessary, and exercising and implementing those controls. Key is the ability to address and apply security controls in real world scenario and offering mitigating solutions to found weaknesses in related control areas.
Ability to analyze threats to Cloud based environments and recommend or deploy countermeasures/mitigations, and analyze and assess the security integrity of Cloud based computing environments in development, and in operation IAW federal, NASA, and Industry requirements and standards.
Competence with Cloud security services, to include in the AWS example: Identity Access Management (IAM), CloudWatch, CloudTrail, Key Management System (KMS), and/or Inspector.
Prior experience in an Information System Security Officer (ISSO) role, to manage security posture and respond to findings in Security Assessment Reports, including the lifecycle of POA&Ms and RBDs.
BS degree in computer science or other technical/cyber security related fields, with advanced degree desired.
15 years of relevant work experience.
Desirable certifications: CCSP, CCSK, CCSS, OSCP, CEH, CISSP, Security+, AWS, Cisco, Juniper, Microsoft.
Knowledge of security tools including BigFix.
Coding and scripting ability.
Must have good understanding of the Open Standards Interconnect (OSI) model
Must have experience deploying, configuring, and securing Internet Protocol (IP) and IP Networks
Customer relationship management is a must! Applicant must be able to respond to varying levels of customers with professionalism and positivity.
Provide great communication skill to all types of audiences, including advising key stakeholders and senior NASA management. Ability to communicate ideas and solutions both in writing and orally to team members and customers to provide overall assessments of the Cloud security posture to CISO and to NASA mission project teams.
5+ years of IT Security experience.
Occasional travel may be required.
Possess or be able to obtain and maintain a federal TOP SECRET/SCI security clearance.
ASRC Federal and its Subsidiaries are Equal Opportunity / Affirmative Action employers. All qualified applicants will receive consideration for employment without regard to race, gender, color, age, sexual orientation, gender identification, national origin, religion, marital status, ancestry, citizenship, disability, protected veteran status, or any other factor prohibited by applicable law.