NASA Cloud Security Analyst

Job Description

Description

SAIC is seeking an experienced and dynamic cloud technologies engineer to support the NASA Independent Verification & Validation (IV&V) Program headquarterd in Fairmont, WV.  This role serves as SAIC Lead at NASA IV&V for a wide range of cloud security services, working directly with NASA civil service management and leads to capture and plan cloud work supporting external NASA and other federal agencies.

Responsibilities include:

• Supporting NASA IV&V Leads in engaging NASA management and external customers related to cloud security work
  • Developing project plans for engagements with individual external customers
  • Developing general capabilities brief materials and more specific presenation materials
• Leading the technical team performing the work, as well as executing project tasks
  • Projects will typically be small project teams of 1-4 analysts, and this role includes performing technical work on many, if not all, cloud projects
• Serves as a program asset as subject matter expert (SME) related to cloud and security technologies
• Provides SAIC program management with planning inputs and execution status to plan and perform Task Orders on our contract with NASA

Qualifications

TYPICAL EDUCATION AND EXPERIENCE: Bachelors and fourteen (14) years or more experience; Masters and twelve (12) years or more experience; PhD or JD and nine (9) years or more experience.

MINIMUM QUALIFICATIONS:

• Experience with NIST Risk Management Framework (RMF) governance / risk assessment processes for a government agency including the following focus areas
  • Assessing or implementing NIST 800-53 security controls
  • Writing or evaluating NIST RMF artifacts (SSP and attachments, Security Assessment Plans, Security Assessment Reports)
  • Vulnerability assessment and risk analysis (understanding and analyzing vulnerability scan results)
• Experience with the FedRAMP implementation of the NIST RMF and related shared security control responsibility model including assessing residual risk from cloud service infrastructure as it might apply to cloud service use by the consumer
• Experience with one or more of the major Infrastructure as a Service (IaaS) model cloud service providers (AWS, Azure or Google Cloud)—specifically, the use and/or implementation of security services and tools from these providers
• Attention to detail; inquisitive and persistent nature

DESIRED QUALIFICATIONS:

• 7-10 years of experience with NIST RMF for a government agency
• 2-3 years of experience with FedRAMP
• 2-3 years of experience with one or more of the major IaaS model cloud service providers
• 2-3 years of experience with engineering/architecting solutions in the cloud
• Familiarity with penetration testing techniques and tools that are cloud-aware or directed
• A cloud technology-related or solutions-architect certification from one of the three major IaaS providers

Overview

SAIC® is a premier Fortune 500® technology integrator driving our nation's technology transformation. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes secure high-end solutions in engineering, digital, artificial intelligence, and mission solutions. Using our expertise and understanding of existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions that are critical to achieving our customers' missions.

We are more than 26,500 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer, fostering a respectful work culture based on diversity, equity, and inclusion that values all contributors. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.1 billion. For more information, visit saic.com.