Support PDF,DOC,DOCX,TXT,XLS,WPD,HTM,HTML fils up to 5MB
Years of Experience
Date Last Verified
ProfileInformation System Security Officer Duties: Responsible for the planning and coordinating of all aspects of system security, including the set-up of the Information Assurance (IA) processes, system baselines, and hardening procedures, encryption management, virus protection policy, and maintaining IT Security documentation for NASA projects. Spearhead the Assessment and Authorization (A & A) activity lifecycle for selected NASA projects – achieving and maintaining ATO (Authority to Operate). Conducting System and Network Vulnerability Scans, Incident Handling and Response, Assessing System Risk and Compliance, and performing Security Device maintenance. Will be expected to perform their own informal IT Security reviews, take part in formal Agency Assessment and Authorization activities annually, as well as Federal IT Security Audits as they occur. This position is contingent upon contract award. NIST 800-53 Rev 4 control Assessments for NASA Projects. Implement & monitor customer IT Security policies (NASA Baseline Standards). Ongoing system posture & risk level monitoring. Support Accreditation and Authorization (ATO) requirements for program life cycle – from system proposal to system disestablishment. Incident Response – communication, equipment handling, cleanup management, customer coordination. Annual System Review – Risk assessment, Control Assessment, Inventory tracking. Antivirus Scans and Updates (DAT Files). System Security Plans – draft, review, update/maintain, all supporting IT Security Documents. Software Requests – approvals, documentation, coordination with users & System Administrators. Disaster Recovery – documentation, Updates and annual disaster scenario walk-throughs. Customer meetings – represent the SAIC in Customer Project Meetings. Communicate with Information System Owners and other customer designated officials. FIPS 140- 2 certified Device Configuration and management. Vulnerability Scans using Nessus and McAfee MVM. NASA IT Security Software: Dell Kace, Splunk, Symantec SEP, RSA Archer, IBM BigFix. ISSO Related Training as required by the Customer. SBU/CUI Briefing for new employees.
Qualification and Experience
Qualifications: Bachelor's Degree and 9+ years' of related experience; Master's Degree and 7+ years' of related experience; PhD or JD Degree and 4+ years' of related experience. 6+ years’ experience supporting Windows XP, Windows 7, Server 2003, and Server 2008R2 is required. Experience with Windows and Linux System Baselining, Hardening, and Patching. Experience with writing IT Security and/or IT Systems process and plan documentation. DESIRED: Security+ and/or CISSP Certification are preferred. Familiar with NASA IDMAX and System A & A process is preferred. IP Networking and Infrastructure Experience preferred. Windows 10 and Server 2012 preferred. Firewall and IDS familiarity. Surveillance Camera systems, badging, building and perimeter security are desired. Linux (Red Hat, CentOS, Ubuntu) experience is preferred. Great communication skills- able to run meetings with project teams and coordinate with technical and non-technical staff.