More About the Role:
This canidate will serve as IA and will be primary support for Development and Engineering. As a member of the Development and Engineering team, the candidate will be the Technical Subject Matter Expert for cyber security in the area of IT systems and application source code vulnerability assessment using variety of commercial based tools ensuring applications are secure. Additional tasks include:
• Review and coordinate guidelines and policies surrounding risk and security
• Analyze audit data for current and future systems, implement the right security strategy for NASA IT systems.
• Document best practices for security and information assurance based on business and user requirements
• Monitor and implement information assurance/security standards and procedures
• Coordinate, develop, and evaluate security programs for the organization. Recommend information assurance/security solutions to support customer requirements.
• Determine implementation strategies for information assurance and security requirements based on the analysis of user, policy, regulatory, and resource demands
• Perform vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle.
What You'll Get to Do:
-Applies comprehensive knowledge of concepts, processes, practices, and procedures on technical assignments.
-Determines enterprise information assurance and security standards. Develops and implements information assurance/security standards and procedures. Coordinates, develops, and evaluates security programs for an organization.
-Recommends information assurance/security solutions to support customers' requirements. Identifies, reports, and resolves security violations.
-Establishes and satisfies information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands.
-Supports customers at the highest levels in the development and implementation of doctrine and policies. Applies know-how to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures.
-Performs analysis, design, and development of security features for system architectures. Analyzes and defines security requirements for computer systems which may include mainframes, workstations, and personal computers.
Designs, develops, engineers, and implements solutions that meet security requirements. Provides integration and implementation of the computer system security solution.
-Analyzes general information assurance-related technical problems and provides basic engineering and technical support in solving these problems.
-Performs vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle.
-Performs all procedures necessary to ensure the safety of information systems data assets and to protect systems from intentional or inadvertent access or destruction. Ensures that all information systems are functional and secure.
You'll Bring These Qualifications:
-Requires BS Degree and 4-8 years of prior relevant experience or Masters with 2-6 years of prior relevant experience.
-Ability to obtain a Public Trust Clearance.
• Experience in Federal Information System Management Act (FISMA) reporting and other information assurance assurance-related compliance reporting.
• Supports Information Assurance Certification and Accreditation (C&A) and associated IA processes, procedures, and activities with capability and expertise to implement NIST and CNSS IA directives, instructions, guidelines.
• Capability to implement solutions that meet network and system security requirements and perform vulnerability/risk analyses of computer systems, networks and applications.
• Experience in supporting the formal testing required by government accrediting authorities, and preparing System Security Plans.
• Understanding of IA/IO concepts such as: Access Control, User Authentication & Identity Management, Vulnerability and Malware Analysis.