Job was saved successfully.
Job was removed from Saved Jobs.

Job Details


IT Security Engineer I

Law Enforcement and Security

Diplomatic Security

No

Huntsville, Alabama, United States

Description

Job Description:

Job Description

The IT Security Engineer I possess basic technical knowledge of Cybersecurity principals. In coordination with the Government, supports integration of new and existing information systems to ensure that appropriate controls exist, that processing is efficient and accurate, and that systems are in compliance with standards, guidelines, and regulations.

Duties may include the following:

Comply with NASA Cybersecurity requirements as defined in NPDs, NPRs, NIDs, Cybersecurity and Privacy Division Handbooks, and NASA Standards as identified in the Applicable Documents List, and Security Requirements for Unclassified Information Technology Resources. Local Center policies are applicable for any Cybersecurity requirements that are not explicitly cited in the applicable documents list, Cybersecurity Requirements for Unclassified Information Technology Resources, unless superseded by law or statute; or by additions or updates to NASA policy documentation. Support NASA CIO's goal of strengthening and improving Cybersecurity.

Apply Cybersecurity & Privacy Program (CSPP) requirements to all data residing on NASA IT resources. IT resources means any hardware or software or interconnected system or subsystem of equipment, that is used to process, manage, access, or store electronic information and includes operational technology.

Maintain current on industry knowledge, skills, and abilities in Cybersecurity technologies and services. Evaluate new approaches and emerging technologies for possible recommendations to the NASA Cybersecurity and Privacy Program.

Follow NASA Incident Response Management procedures and policies and ensure coordination of its Incident Response team with the NASA SOC. The Contractor shall promptly report to the NASA SOC any suspected computer or network incidents occurring on any systems the Contactor provides or for which they have operational responsibility. The Contractor shall provide all necessary assistance and access to the affected systems so that a thorough investigation can be conducted, problems remedied, and lessons learned documented. Handle security logs and audit information according to evidence preservation procedures.

Provide the NASA SOC real-time, electronic access to all asset information and CM information for all devices provided under this contract and in support of this contact.

Report the theft or loss of any device that may contain NASA information, in accordance with NASA incident reporting policy and procedures.

Implement technology-related requirements and standards established by the NASA CIO, CSPP and the SOC.

Provide technical support for NASA vulnerability scans. Inform Cybersecurity stakeholders of new and/or ongoing activities, topics, or trends related to vulnerability management.

Collaborate and coordinate with NASA the implementation of practices that assess and quantify risk.

Provide a mechanism to imbed Cybersecurity capabilities within organizations through customer funding for dedicated Cybersecurity compliance support.

In coordination with Agency configuration management, draft requirements and configuration guidelines for securely configured computer systems in multiple environments, including UNIX, Windows, Mac OS, and mobile device platforms.

Monitor and analyze system logs and network monitoring tool logs. Report all violations to the NASA SOC promptly and notify the local Cybersecurity Official.

Provide system logs as required and within the timeframe requested, to the CIO and/or the Cybersecurity Official (CISO).

Work with NASA in developing all Cybersecurity documentation.

Monitor Network Trends.

Monitor system and network device behaviors to establish and maintain a baseline of normal patterns and trends for all NASA networks.

Report network activities that diverge from NASA's normal network patterns or trends.

Conduct analysis of the vulnerability scan data and patch management data produced from Government-provided tools. Analysis shall include current status charts/graphs, trending information, risk ranking of identified vulnerabilities, and complete, effective and resource efficient mitigation strategies.

In coordination with NASA align with Agency tool sets and process such as CDM for Vulnerability Management. Address vulnerability reports from external Federal entities such as DHS, OIG, or OMB.

Develop, maintain, and test the Contingency and related Disaster Recovery Plans, in accordance with NASA policy, to ensure the orderly recovery from a disaster that may render all or part of information facilities, systems, and equipment inoperable. This plan shall be in accordance with NASA Continuity of Operations (COOP) Planning Procedural Requirements.

Coordinate with Agency and Center information systems and disaster recovery experts across NASA to verify integration of procedures and planning techniques.

Execute effective measures to protect all systems equipment and data from potential environmental threats.

Assist the Center CISO in the notifications and disablement process for individuals who fail to complete annual cybersecurity training by the deadline.

Assist NASA organizations in understanding and interpreting NASA policy and procedures relative to privacy.

Assist NASA in implementing privacy information protection in accordance with NASA policies and federal mandates.

Support the NASA Privacy Program Managers in all privacy related aspects.

Assist NASA in responding to federal privacy inquiries and reporting requests.

Assist NASA stakeholders to meet and validate the privacy requirements as defined in NASA policies.

Assist the Breach Response Team (BRT), as needed.

Support the NASA Privacy Program Managers with SBU transition to CUI based on NASA's requirements, procedures and processes.

Assist with developing and providing communications and outreach material.

Assist with developing required annual reports based on the Federal mandates and guidelines.

Ensure appropriate banner markings are labeled on CUI documents.

Store and maintain the documentation in the approved NASA Repository.

Basic Qualifications

A minimum of one of the following certifications; CompTIA Security+ or CASP certification or able to certify within 2 years after contract start

Solid understanding of key communications tools, such as Microsoft Project, Microsoft Word, Microsoft Excel, and Microsoft PowerPoint.

EDUCATION & EXPERIENCE: BS degree and less than 2 years of prior relevant experience or equivalent years of experience.

Pay Range:

Pay Range $50,700.00 - $78,000.00 - $105,300.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.