Join our Talent Network >

NASA Information Systems Security Officer

Job ID: 214346
Location: STENNIS SPACE CENTER, MS, United States
Date Posted: Apr 21, 2021
Category: Cyber
Subcategory: Cybersecurity Spec
Schedule: Full-time
Shift: Day Job
Travel: No
Minimum Clearance Required: Interim Secret
Clearance Level Must Be Able to Obtain: Secret
Potential for Remote Work: No
Benefits: Click here

Share: mail

Job Description

Description

Detailed Job Description for the Positions:

SAIC is looking to hire an Information Systems Security Officer (ISSO) supporting the National Center for Critical Information Processing and Storage (NCCIPS).  The ISSO will be a part of a collaborative, dynamic team in a mission-focused environment supporting the NASA NCCIPSv2 Contract.  The ISSO will support the analysis, security threats and development tactics, techniques, and processes to mitigate potential security concerns. You should have detailed knowledge of IT security requirements supporting a Federal Information System (IS) and have a general understanding of how IT systems and network hardware works and interacts together. The ISSO should also possess the ability to work as part of a dynamic team and thrive when learning new technologies. 

 

Position is an ON-SITE Position with a requirement to be ON-SITE at Stennis Space Center in Mississippi.  Teleworking is authorized up to ONE Day per week based on schedule and activities with required coordination with the Department Manager prior to scheduling.  Full-time Remote work is not authorized for this position.

 

Responsibilities:

  • Serve as the Information System Security Officer (ISSO) for Federal Information Security Management Act (FISMA) Information System Security Plans following the NIST Risk Management Framework (RMF) supporting the NCCIPS Facility.
  • The ISSO will be responsible for maintaining systems security plans, contingency plan testing and associated system accreditation activities required to maintain Authority to Operate (ATO) per the NSSC Guidelines.
  • Coordinate directly with the NASA/NCCIPS Information System Owner (ISO), NSSC Senior Information Security Officer (SISO), NCCIPS Management Team, and other NSSC Security related resources to address IT System Security concerns or issues related to the Information Systems.
  • Manage and facilitate the Plan of Action and Milestones (POA&Ms) and Risk Based Decisions (RBDs) in the NASA RSA Archer Risk Information Security Compliance System (RISCS) associated with the Information Systems.
  • Implement and perform credentialed vulnerability scans against the Information Systems utilizing the Tenable Nessus Security Center Vulnerability Scanning System. Create work orders assigned to the Systems and Network Administrators for remediation of discovered vulnerabilities. Implement vulnerability remediation timelines in accordance with NASA policy.
  • Participate in Security Controls Assessments as a part of Continuous Monitoring. Review and update Implementation Details of Security Controls in the RISCS system when required.
  • Review and implement remediation requirements set forth by NASA Security Operations Center Mitigation Action Requirements and Situational Awareness Reports (SOC MARs and SARs) when applicable.
  • Create and update security incidents in the NASA SOC Incident Management System (IMS) for discovered or reported security incidents at the NCCIPS Data Center.
  • Monitor and report security status of the Information Systems to NASA and NCCIPS management weekly and monthly.
  • Perform Ongoing Security Impact Risk Assessments (SIARs) against software and hardware installations currently deployed within the accreditation boundary of the Information Systems and new Assessments of new potential hardware or software that is being considered for installation.
  • Review and regularly update information and physical security documentation for the NCCIPS Facility.
  • Provide support for general Information Security systems in the form of physical security systems and information technology security systems supporting a large facility and the federal customers residing within the space.
  • Review/Approve photos and drawings from within the NCCIPS Facility to ensure there isn’t any Sensitive but Unclassified (SBU) information, implement edits when applicable, and/or ensuring that the necessary markings and restrictions are correctly applied on the drawings when necessary.
  • Ensure vendor devices are compliant with security requirements outlined for the facility.
  • This critical role requires the applicant to be a self-starter and willingness to initiate communication with SAIC management and various Government agencies for support and/or compliance requirements.
  • The position requires daily support of system users, interaction with SAIC management and occasional interaction with Government personnel.
  • Candidate will be responsible for administrative processing, compliance reporting, training, and document creation as required.
  • Implement and ensure compliance with all NASA information system IA policies and procedures.
  • Candidate will be expected to participate in the weekly security meetings as required.
  • Candidate will directly interact with users and system administrators.

Qualifications

Education:

  • Bachelor’s Degree amd two (2) years or more of experience. 
  • Additional experience may be used in substitution for degree requirements: IE: Associates and 5 years of experience, or 7 years of related experience working in Information Technology and Information Security. 

Desired Certifications: 

  • Security+ Certification is a Plus but not required
  • CISSP, CISM, CAP, CASP+, etc is a Plus but not required

Skills/Experience:

  • Must be knowledgeable and experienced in information systems security in order to assure enforcement of SAIC, NASA Agency and federal government regulations.
  • Must have a working knowledge and understanding of NIST 800-53 and NIST RMF.
  • Knowledge and understanding of various Government Information Assurance requirements to include USGCB Baselines, NIST Guidelines, CIS Benchmarks, or other NASA IA Regulations supporting NASA IT Systems.
  • Candidate should have a basic/general understanding of various Federal Information Processing Standards (FIPS).
  • Experience with Microsoft Office Products to include Project, Word, Excel and PowerPoint.
  • Experience using Tenable Nessus, BigFix, Network Monitoring, Incident Management System, Splunk or other IT Security Tools
  • General Experience/Understanding of System Administration within a Windows Desktop/Server environment and/or Cisco Network Infrastructure.
  • General Experience/Understanding of Virtual Environments using VMWare or Microsoft HyperV Solutions.
  • Excellent oral and written communication skills, excellent facilitation skills, and the ability to lead brainstorming sessions.
  • Capabilities and understanding to follow existing processes/procedures and able to identify corrections or changes to those processes/procedures.  Candidate should also be able to develop and fully document new processes/procedures for new system installations.
  • Capabilities and understanding to follow processes and procedures, while also completing required paperwork and requirements as necessary to complete the job.
  • The candidate must demonstrate a basic understanding of network infrastructure and topology capabilities. 
  • Experience working with NASA or other similar government agencies is a plus.
  • Understanding of the general requirements outlined in the Intelligence Community Directive/Intelligence Community Standard 705 for secured government spaces. (Not Required)

Education:

  • Bachelor’s Degree in a related field and 3 years or more experience working in Information Technology and Information Security;
  • Additional experience may be used in substitution for degree requirements: IE: Associates and 5 years of experience, or 7 years of related experience working in Information Technology and Information Security. 
  • Security+ Certification is a Plus but not required
  • CISSP, CISM, CAP, CASP+, etc is a Plus but not required

Security Clearance and Background Investigations:

  • US Citizenship is required.
  • Candidate selected must have a current/active secret security clearance prior to employment.
  • Interim clearances are acceptable, with the requirement that a full clearance must be granted within a reasonable amount of time.
  • Position requires background verifications, which may consist of education, employment, credit, criminal and driving records. Favorable results are required for employment.

 

Desired Skills: 

  • Candidate must possess the ability to operate independently without supervision.
  • Be Self-driven and able to maintain schedule and responsibilities with minimum supervision required. 
  • Be Able to work under only general direction. 
  • Be Able to independently determine and develop approach to solutions.
  • Demonstrate good judgment in selecting methods and techniques for obtaining solutions.



Overview

SAIC is a premier technology integrator solving our nation's modernization and readiness challenges. Our offerings across defense, space, civilian, and intelligence markets include high-end solutions in engineering, IT, and mission outcomes. We integrate the best components from our portfolio with our partner's ecosystem to deliver innovative and effective solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, VA, SAIC has annual revenues of nearly $7.1 billion. For information, visit saic.com or Working at SAIC for benefits details. SAIC is an Equal Opportunity Employer empowering people no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status. We strive to create a diverse, inclusive and respectful work culture that values all.

Share: mail