Support NASA as part of the ATOM (Aerospace Testing, Operations and Maintenance) contract at the NASA Ames Research Center. You will be supporting one of the only arc-jet test facilities in the world and supporting every NASA space mission that enters a planetary body with an atmosphere. "If it goes through an atmosphere, it goes through Ames!"
The Computer Systems Security Analyst requires knowledge and experience with federal security regulations, standards, and processes including FISMA, FIPS, FedRAMP, NIST SP 800-37, NIST SP 800-60 and NIST SP 800-53. Solid understanding of security protocols, cryptography, authentication, authorization, and security is required, as well as experience with the review and creation of mitigation reports from compliance and vulnerability scanning tools.
Primary Responsibilities:
Analyze and communicate opportunities for efficiency as well as nuances. Identify gaps and work very closely with multiple stakeholders to resolve Plan of Action and Milestones (POAMs).
Proven track-record of managing the assessment, deployment, and delivery of accreditation of information systems.
Build and maintain relationships with stakeholders as systems are assessed and accredited.
Review and provide written technical documentation for the security posture of information systems throughout the entire system development lifecycle.
Provide continuous monitoring through scheduled audits, controls testing, audit reviews, and escalate issues as needed. Responsible for tracking POAM due dates and ensuring business partners are able to remediate or escalate for discussion.
Document and ensure the system is compliant with NASA mandated security policies.
Perform data entry of system security plan data, Plan of Action & Milestones (POA&Ms), and Risk-Based Decisions (RBDs).
Support and train RSA Archer/RISCS users, including use of inline- and bulk-editing capabilities.
Writes policy, procedures, and standards on the secure deployment and maintenance of information technology systems for internal system management and technical guidance.
Ability to contribute concise written input to monthly or other reports as required by management.
ESSENTIAL FUNCTIONS OF THE POSITION
Unusual or Special Physical Requirements of Position
Multiple workstation assignments (office, test facility, control room, laboratory, shops, etc.). Transportation of notebooks, drawings, forms, sensors, etc. required. Ability to hear normal conversation. One eye (minimum) correctable to 20/20. Ability to distinguish eight colors on basic panel displays and wiring. Ability to manipulate small and delicate instruments and wiring.
Description of Work Environment
Work is accomplished in an office, control room, and in and around test facility buildings. Movement is required between these work areas as well as trips to the client or user's facility. Some work areas are high in noise.
Equipment and Machines Involved in Work Tasks
Office and control room equipment includes computers, calculators, electronic instruments, mechanical instruments, and miscellaneous precision measuring devices.
Criticality of Attendance
Normal working hours are 7:30 AM - 4:00 PM. A "compressed" schedule with 9 hour days and every other Friday off is available.
Other Essential Functions
Must be able to obtain a NASA badge and gain access to the work facilities.
Our health and welfare benefits are designed to invest in you, and in the things you care about. Your health. Your well-being. Your security. Your future. Eligible employees and their dependents may elect medical, dental, vision, and basic life insurance. Employees are able to enroll in our company's 401k plan, and, if eligible, a deferred compensation plan and Executive Deferral Plan. Employees will also receive 10 days of vacation per year, and 11 paid holidays. Hired applicants will be able to purchase company stock and have the opportunity to receive a performance discretionary bonus.
The base salary range for this position is 112,400 - 202,300 . This range reflects the minimum and maximum target for new hire salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training.
Bachelor's degree in Engineering, Computer Science, Information Systems/IT, Mathematics or similar technical discipline.
5+ years of experience serving as an ISSO, ISSM, Cybersecurity Engineer/Analyst, or RISC Analyst.
Knowledge and experience with federal security regulations, standards, and processes including FISMA, FIPS, FedRAMP, NIST SP 800-37, NIST SP 800-60 and NIST SP 800-53.
Solid understanding of security protocols, cryptography, authentication, authorization, and security.
Experience with the review and creation of mitigation reports from compliance and vulnerability scanning tools (Nessus, SCAP).
Experience with Governance, Risk and Compliance tools and technologies such as RSA Archer.
Strong writing skills for clear communication of all related artifacts and analysis.
Self-starter, customer focused, excellent communicator and ability to work with limited supervision.
Microsoft Office, Adobe Acrobat and Visio.
Must be able to obtain a NASA badge, gain access to the facilities, and pass a Security Clearance as required by the employer.