Join our Talent Network >

Senior Cyber ISSO Analyst

Job ID: 215460
Location: GREENBELT, MD, United States
Date Posted: Apr 13, 2021
Category: Cyber
Subcategory: Cyber GRC
Schedule: Full-time
Shift: Day Job
Travel: Yes, 25 % of the Time
Minimum Clearance Required: Secret
Clearance Level Must Be Able to Obtain: Secret
Potential for Remote Work: No
Benefits: Click here

Share: mail

Job Description

Description

JOB DESCRIPTION: SAIC is in search of a Senior ISSO and Cyber Security Analyst to be part of a unique security team for NASA's Space Exploration Network Services and Evolution (SENSE) program. SAIC supports the prime contractor who performs systems architecture and engineering, development, integration, testing, operations, maintenance, and sustaining services for space and ground systems and facilities. These include NASA’s Space Network, Near Earth Network, Satellite Laser Ranging Network, Very Long Baseline Interferometry Network, and Electronic Systems Test Laboratory. Flight operations and sustaining services are required for NASA’s Tracking and Data Relay Satellites. System architecture, system engineering, and development services are evolving NASA’s networks to efficiently and effectively provide innovative space communications and navigation solutions to enable new science and exploration. Additionally, electromagnetic spectrum management, communications link analyses, and networking loading assessments are required to integrate network services for new customer missions.

This ISSO position will support sustaining, operations and maintenance services performed in a lab for ground systems at NASA’s Goddard Space Flight Center in Greenbelt, Maryland

This is an IT Security position responsible for the planning and coordinating of all aspects of system security, including the maintainence of the Information Assurance (IA) processes, system baselines, and hardening procedures, encryption management, virus protection policy, and maintaining IT Security documentation for NASA projects. One of the main tasks of this position is to maintain the Assessment and Authorization (A & A) activity lifecycle for selected NASA projects - renewal and maintaining ATO (Authorization to Operate). Other critical duties include: Conducting System and Network Vulnerability Scans, Incident Handling and Response, Assessing System Risk and Compliance, and performing Security Device maintenance. The employee will be expected to perform their own informal IT Security reviews, take part in formal Agency Assessment and Authorization activities annually, as well as Federal IT Security Audits as they occur.
- NIST 800-53 Rev 4 control Assessments for NASA Projects
- Implement & monitor customer IT Security policies (NASA Baseline Standards)
- Ongoing system posture & risk level monitoring
- Support Accreditation and Authorization (A&A) requirements for program life cycle  - from system proposal to system disestablishment
- Incident Response  - communication, equipment handling, cleanup management, customer coordination
- Annual System Review  - Risk assessment, Control Assessment, Inventory tracking
- Antivirus Scans and Updates (DAT Files)
- System Security Plans  - draft, review, update/maintain, all supporting IT Security Documents
- Software Requests  - approvals, documentation, coordination with users & System Administrators
- Disaster Recovery  - documentation, Updates and annual disaster scenario walk-throughs
- Customer meetings  - represent the SAIC in Customer Project Meetings
- Communicate with Information System Owners and other customer designated officials
- FIPS 140- 2 certified Device Configuration and management
- Vulnerability Scans using Nessus and McAfee MVM
- NASA IT Security Software: Dell Kace, Splunk, Symantec SEP, RSA Archer, IBM BigFix
- ISSO Related Training as required by the Customer
- SBU/CUI Briefing for new employees

Qualifications

TYPICAL EDUCATION AND EXPERIENCE:  

- Bachelors and nine (9) years or more of related experience; Masters and seven (7) years or more of related experience; PhD or JD and four (4) years or more of related experience

- A minimum of 6+ years' experience supporting Windows XP, Windows 7, Server 2003, and Server 2008R2 is required

- CISSP certification or CRISC certification

- At least two years’ experience with creating/maintaining and renewal by supporting assessments for Authorization to Operate (ATO)

- Three years of System Security Plan document maintenance and ATO related documentation (Contingency Plan, Risk Assessment Plan, Continuous Monitoring plan, Maintenance Plan, Configuration Management Plan)

- At least one year performing vulnerability scans

- At least two years working off POAMs




Overview

SAIC is a premier technology integrator solving our nation's modernization and readiness challenges. Our offerings across defense, space, civilian, and intelligence markets include high-end solutions in engineering, IT, and mission outcomes. We integrate the best components from our portfolio with our partner's ecosystem to deliver innovative and effective solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, VA, SAIC has annual revenues of nearly $7.1 billion. For information, visit saic.com or Working at SAIC for benefits details. SAIC is an Equal Opportunity Employer empowering people no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status. We strive to create a diverse, inclusive and respectful work culture that values all.

Share: mail

Similar Jobs

NASA Cyber Security Engineer Principal

GREENBELT, MD, United States
Cyber

Senior Cyber ISSO Analyst

GREENBELT, MD, United States
Cyber