IT Security Engineer II

Marshall Space Flight Center, AL |Full Time
In order to apply for this or any other job you will need to log in.

Position Description

 

Dynetics, a wholly owned subsidiary of Leidos, is seeking a talented IT Security Engineer II to join a diverse team to create unique solutions for complex problems. With offices across the United States engaging in the defense, space, cyber and commercial fields, Dynetics provides responsive, cost-effective engineering, scientific and IT solutions.

The IT Security Engineer II possess working technical knowledge of Cybersecurity principals. In coordination with the Government, supports integration of new and existing information systems to ensure that appropriate controls exist, that processing is efficient and accurate, and that systems are in compliance with standards, guidelines, and regulations. Perform with some latitude for independent actions and decisions. This position may serve as the technical lead for other team members to include network, cyber, or IT security engineers.

Duties may include the following:

Comply with NASA Cybersecurity requirements as defined in NPDs, NPRs, NIDs, Cybersecurity and Privacy Division Handbooks, and NASA Standards as identified in the Applicable Documents List, and Security Requirements for Unclassified Information Technology Resources. Local Center policies are applicable for any Cybersecurity requirements that are not explicitly cited in the applicable documents list, Cybersecurity Requirements for Unclassified Information Technology Resources, unless superseded by law or statute; or by additions or updates to NASA policy documentation. Support NASA CIO's goal of strengthening and improving Cybersecurity.

Apply Cybersecurity & Privacy Program (CSPP) requirements to all data residing on NASA IT resources. IT resources means any hardware or software or interconnected system or subsystem of equipment, that is used to process, manage, access, or store electronic information and includes operational technology.

Maintain current on industry knowledge, skills, and abilities in Cybersecurity technologies and services. Evaluate new approaches and emerging technologies for possible recommendations to the NASA Cybersecurity and Privacy Program.

Follow NASA Incident Response Management procedures and policies and ensure coordination of its Incident Response team with the NASA SOC. The Contractor shall promptly report to the NASA SOC any suspected computer or network incidents occurring on any systems the Contactor provides or for which they have operational responsibility. The Contractor shall provide all necessary assistance and access to the affected systems so that a thorough investigation can be conducted, problems remedied, and lessons learned documented. Handle security logs and audit information according to evidence preservation procedures.

Provide the NASA SOC real-time, electronic access to all asset information and CM information for all devices provided under this contract and in support of this contact.

Report the theft or loss of any device that may contain NASA information, in accordance with NASA incident reporting policy and procedures.

Implement technology-related requirements and standards established by the NASA CIO, CSPP and the SOC.

Provide technical support for NASA vulnerability scans. Inform Cybersecurity stakeholders of new and/or ongoing activities, topics, or trends related to vulnerability management.

Collaborate and coordinate with NASA the implementation of practices that assess and quantify risk.

Provide a mechanism to imbed Cybersecurity capabilities within organizations through customer funding for dedicated Cybersecurity compliance support.

In coordination with Agency configuration management, draft requirements and configuration guidelines for securely configured computer systems in multiple environments, including UNIX, Windows, Mac OS, and mobile device platforms.

Monitor and analyze system logs and network monitoring tool logs. Report all violations to the NASA SOC promptly and notify the local Cybersecurity Official.

Provide system logs as required and within the timeframe requested, to the CIO and/or the Cybersecurity Official (CISO).

Work with NASA in developing all Cybersecurity documentation.

Monitor Network Trends.

Monitor system and network device behaviors to establish and maintain a baseline of normal patterns and trends for all NASA networks.

Report network activities that diverge from NASA's normal network patterns or trends.

Conduct analysis of the vulnerability scan data and patch management data produced from Government-provided tools. Analysis shall include current status charts/graphs, trending information, risk ranking of identified vulnerabilities, and complete, effective and resource efficient mitigation strategies.

In coordination with NASA align with Agency tool sets and process such as CDM for Vulnerability Management. Address vulnerability reports from external Federal entities such as DHS, OIG, or OMB.

Develop, maintain, and test the Contingency and related Disaster Recovery Plans, in accordance with NASA policy, to ensure the orderly recovery from a disaster that may render all or part of information facilities, systems, and equipment inoperable. This plan shall be in accordance with NASA Continuity of Operations (COOP) Planning Procedural Requirements.

Coordinate with Agency and Center information systems and disaster recovery experts across NASA to verify integration of procedures and planning techniques.

Execute effective measures to protect all systems equipment and data from potential environmental threats.

Assist the Center CISO in the notifications and disablement process for individuals who fail to complete annual cybersecurity training by the deadline.

Assist NASA organizations in understanding and interpreting NASA policy and procedures relative to privacy.

Assist NASA in implementing privacy information protection in accordance with NASA policies and federal mandates.

Support the NASA Privacy Program Managers in all privacy related aspects.

Assist NASA in responding to federal privacy inquiries and reporting requests.

Assist NASA stakeholders to meet and validate the privacy requirements as defined in NASA policies.

Assist the Breach Response Team (BRT), as needed.

Support the NASA Privacy Program Managers with SBU transition to CUI based on NASA's requirements, procedures and processes.

Assist with developing and providing communications and outreach material.

Assist with developing required annual reports based on the Federal mandates and guidelines.

Ensure appropriate banner markings are labeled on CUI documents.

Store and maintain the documentation in the approved NASA Repository.

 

 

Basic Qualifications

EDUCATION & EXPERIENCE: BS degree and 4 – 8 years of prior relevant experience.

A minimum of one of the following certifications; CompTIA Security+, CompTIA CASP, or Certified Information System Security Specialist (CISSP) certification or able to certify within 2 years after contract start.

Solid understanding of key communications tools, such as Microsoft Project, Microsoft Word, Microsoft Excel, and Microsoft PowerPoint.

 

Other Qualifications

Security Requirements

Candidate must be a US Citizen and possess (and be able to maintain) a Final Secret Clearance or meet the eligibility to obtain (and maintain) a Secret Clearance.

Job Number:
01.02.01-2022-27
Closing Date:
06/20/2022

COVID Response

In order to enter Dynetics facilities in the U.S. and to attend Dynetics events outside our facilities, employees are required to be vaccinated or have an approved exemption on file for COVID-19. In addition, we are receiving guidance from certain customers that onsite contractor personnel will need to be fully vaccinated to access customer facilities. If you are not vaccinated, please consider getting your COVID-19 vaccination as soon as possible. If you have any questions, please contact your Talent Acquisition POC.

You might also like