Senior Cyber Security Engineer - Pasadena, United States - Spacesystemsusa

    Spacesystemsusa
    Spacesystemsusa Pasadena, United States

    2 weeks ago

    Default job background
    Description


    If you are unable to complete this application due to a disability, contact this employer to ask for an accommodation or an alternative application process.

    Senior Cyber Security Engineer

    Full Time 40

    Telecommuting, Lanham, MD, US
    30+ days ago

    Requisition ID: 1368


    Summary:
    Designs and defines architectures, firewalls, electronic data traffic, and network access involved in system security. Applies encryption technology, penetration and vulnerability analysis of various security technologies, and information technology security research. Executes security controls to prevent unauthorized access to company information. Researches attempted efforts to compromise security protocols. Conducts risk assessment and provides recommendations for application design.

    Evaluates, creates, and implements solutions to enhance security controls to protect the systems and data maintained in development, testing and production environments.


    Job Responsibilities:
    Support adoption and implementation of NIST-based standards across the agency.
    Support all steps of NIST 800.53
    Participate in the selection of the organization's common security controls and in determining their suitability for use in the information system
    Review the security controls regarding their adequacy in protecting the information and information system
    Prepare and review documentation to include Systems Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs); support security authorization activities
    Implement and enforce information systems security policies, standards, and methodologies
    Evaluate security solutions to ensure they meet security requirements for processing classified information; perform vulnerability/risk assessment analysis to support certification and accreditation
    Manage changes to the system and assess the security impact of those changes
    Develops, maintains, and manages the continuous monitoring and NASA assessment requirements for all systems issued an ATO
    Develops and implements RISCS training to peers and system stakeholders
    Interfaces with NASA organization to improve and assist with managing JPL IT system Governance, Risk, and Compliance
    Interfaces with JPL cybersecurity SMEs to improve and implement NIST control requirements.

    Required Skills:


    Bachelor's degree in Information Systems Management, Computer Science, Math or related discipline with a minimum of 10 years of related Cybersecurity/Information Technology (IT) experience or an equivalent combination of education and experience.

    10 years experience leading diverse teams of cybersecurity/IT professionals working remotely and onsite, while acting as the Subject Matter Expert (SME), providing mentorship, professional development, and strategic vision for the team.

    Advanced experience with system hardening, configuration testing, continuous monitoring and scanning using any of the following tools: SCAP, Nessus, Snort, and Splunk policies and related Provide engineering solutions for all RMF accreditations throughout the entire systems/product lifecycle.

    Has complete working knowledge of IT architectures and system functions, security policies, technical and process security controls, and operational protective measures.

    5+ years' experience implementing cybersecurity mandates and Risk Management Framework (RMF) principles, Assessment & Accreditation lifecycle, National Institute of Standards and Technology (NIST) Special Publications including 800-53, Federal Information Processing Standard (FIPS) Publications 199 & 200, and Defense Counterintelligence and Security Agency (DCSA) processes including Office of the Designated Approving Authority (ODAA) Business Management System (OBMS) web-based system.

    3 years' experience using NSA's RSA Archer application to support the RMF process.

    Has advanced knowledge of security concepts and best practices such as defense in-depth, zero trust security/architecture, least privilege, need-to-know, separation of duties, access controls, encryption, etc.

    Strong technical and communication skills providing accountability and day-to-day support in ensuring unclassified information systems (IS) are protected and operated in accordance with governing manuals.

    Ability to deliver quality service, monitor progress, manage risk, and make certain that key stakeholders are kept informed about progress and expected outcomes; stay abreast of current business and industry trends relevant to our business.

    Develops, maintains, and manages the continuous monitoring and NASA assessment requirements for all systems issued an ATO Develops and implements RISCS training to peers and system stakeholders.

    Must have a CISSP,CEH, CISM, or similar certification.

    #J-18808-Ljbffr