Job Description

IT SECURITY ANALYST / SYSTEM ENGINEER III

This position fulfills a key role in the COMIT IT Security Team at the NASA Johnson Space Center (JSC) by using technical, project management and IT Security Lifecycle Process skills/knowledge to ensure IT Security/Security Management Services activities are conducted in accordance with task order and SOW requirements. 

The successful candidate will develop a detailed understanding of the function and operation of assigned information systems and apply expertise in IT and knowledge of IT Security management principles to ensure that the organization is compliant with all Agency IT Security documentation, reporting and implementation requirements.  Provides guidance to the organization through the Assessment and Authorization (A&A) process. Maintains awareness of organizational activities and generates/provides input to the following documentation: IT security plans, testing procedures and results, standard operating procedures, emergency procedures, contingency plans, disaster recovery plans, memoranda of understanding with interfacing systems, user rules/procedures, user/program manuals, risk assessment, backup procedures, A&A processing documents and statement, and verification reviews and site inspections. Assists the organization with monitoring security controls for IT systems, assuring a continuous state of compliance with all IT security regulations and requirements. Maintains knowledge of tools/technology pertaining to IT Security/Cybersecurity activities in order to verify system compliance.   Responsible for a variety of duties such as;  project planning and status reporting; or analysis, design, development, installation, maintenance, and administration of complex IT Security related systems.

Provides periodic reports on the state of regulatory compliance, plan development, approval status, and/or significant issues relating to IT management and information security.

Qualifications:

• Required CISSP, CISA or CAP training/certification.
• Requires experience in IT Security Plan development, auditing, assessments, and compliance with NIST and/or NASA/DoD standards.
• Familiarity with IBM Bigfix, Tenable NESSUS, and/or RSA Archer.
• Must have the ability to develop, maintain and adhere to schedules.
• Must have the ability to determine customer requirements and recommend solutions to meet said requirements.
• Must have the ability to analytically solve problems that may arise and determine preventative measures.
• Must be able to follow processes, specifications, standards, and best practices from JSC and throughout the industry.
• Must have strong communications skills, both written and verbal.
• Must have effective customer service skills.
• Must be a U.S. citizen.
• Candidate selected must be subjected to a government security investigation and background check.
• Requires an Associate’s degree/technical degree in the field with at least 9 years related experience or a Bachelor’s degree in a computer related field with at least 5 years related experience.
• Preferred CISSP, CISA or CAP training/certification

Mori Associates is an Equal Opportunity Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, national origin, gender identity/expression, age, religion, disability, sexual orientation, genetics, veteran status, marital status or any other characteristic protected by law.

Additional Information

All your information will be kept confidential according to EEO guidelines. Mori Associates is an Equal Opportunity Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, national origin, gender identity/expression, age, religion, disability, sexual orientation, genetics, veteran status, marital status or any other characteristic protected by law.