Role: Cyber Security Analyst

Location: Greenbelt, MD

Summary :

The NASA SEWP is seeking a highly motivated, flexible, organized, and detail oriented Cyber Security Analyst (CSA) to join our dynamic team. The CSA will assist in planning and implementing security measures to protect computer systems, networks, and data. The individual in this position interacts closely with personnel from various IT teams including application development, operations and network, and business departments.

Typical responsibilities and duties include, but are not limited to:

• Act as the CSA to the Information System Owner (ISO) and Information System Security Officer (ISSO) on NASA systems, and or applications.
• Ensure that systems, and or applications, are in alignment with Federal IT Security Standards and Policies (NIST, FISMA, FedRAMP, NASA Procedural Directives and Policy Directives, etc.).
• Assist the ISSO in the following tasks:
  • Establish and satisfy system-wide information security requirements based upon the categorization of the information system and applicable security controls.
  • Advise, conduct, and document risk assessments, development of System Security Plans (SSP), Contingency Plan (CP), Plans of Action and Milestones (POA&M), and security policies and procedures.
  • Ensure all information system Risk Based Decisions (RBD), and POA&Ms are properly recorded, working towards satisfaction, concluded, and/or closed out.
  • As part of the continuous monitoring process, automate control testing to provide an accelerated view into risk and validate compliance using the ServiceNow application.
  • Monitor, evaluate, and maintain systems & procedures to protect data systems, databases, and network systems from unauthorized users.
  • Keep the personnel informed of any security risks to their information systems, and applications, and the impacts of those risks to the larger NASA Agency operating environments.
• Identify potential threats and respond to reported security violations.
• Determine causes of security violations and recommend corrective actions.
• Research, recommend, and implement changes to procedures and systems to enhance security.
• Assist in communicating security procedures to SEWP staff.

Education, qualifications and experience:

• Bachelor's Degree in Computer Science, Engineering, Information Technology, Cyber Security, or related field, or an equivalent combination of education and related experience.

• 2-5 years of experience in Information Security role.

• Working knowledge of FISMA, NIST Special Publications, OMB, Risk Management Framework (RMF), and in Information Security Continuous Monitoring (ISCM)
• Desired certifications, Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA) or Certified Information Security Manager (CISM).

Key Requirements:

• US Citizen or permanent residency, with ability to obtain a security clearance of Public Trust

• Must work On-site a minimum of two (2) days per week.
• Must possess excellent oral and written communication skills; have the ability to develop documentation and presentations.