Red Canyon Software

NASA/courtesy of nasaimages.org

Red Canyon Sofware - Exploring Other Planets, Improving Our Own

Employment Opportunities

We attract ambitious engineers who are in the top of their field. Our engineers are passionate about their professions and do not view work as just “jobs”. We work hard, enjoy life, and try to minimize politics in the workplace. In all we do, we inspire enthusiasm, encourage commitment, and enjoy the moment. Click here to find out more about why you should join the Red Canyon team!

To apply for a position with Red Canyon, follow the instructions under that job posting.

Show all jobs

*NEW* Security Analyst Senior at GSFC

Pay Range:

Length:

Post Date:

10.13.17

Close Date:

Skills:

Do you want to help a small company make a BIG difference in space? Do you take ownership of your job and responsibility for your actions? Then come work for Red Canyon and help us continue our mission of helping mankind reach the stars!

Red Canyon is seeking a self-motivated, detail oriented, goal driven Senior Security Analyst on the Earth Observing System Data and Information System (EOSDIS) Evolution and Development 2 (EED-2) program for Raytheon. The work must be performed on-site at NASA Goddard Space Flight Center (GSFC), Maryland.

After reading the below requirements and responsibilities, if you feel you are the perfect candidate, please email your Word formatted resume and cover letter (in the body of the email) that details how your experience and education are a perfect match for our requirements.

The Security Analyst, Sr. will participate in a broad range of security operations and analysis tasks for both cloud based and on-premise based systems. The Security Analyst, Sr. will provide expert level support to plan, coordinate, and implement the overall information security program for the EED-2 contract.

Roles & Responsibilities:
• Responsible for responding to security actions from the NASA Security Operations Center (SOC), Computer Emergency Response Team (CERT), and other Security notices as directed by EED-2 Engineering Technical Directives (ETDs). Determines corrective actions, prepares and submits reports in accordance with government and program directives.
• Review and interpret Security Documentation from NASA OCIO, NIST, and other documents as directed by EED-2 ETDs.
• Review and interpret security events from OSSEC, Splunk, Nessus, SEP, and other monitoring tools.
• Maintain and update System Security Plan (SSP) documentation and controls.
• Train the operations staff on security issues specific to the EED-2 security implementation.
• Support annual external Security Assessments. Perform internal Security Audits and Assessments.
• Plan, coordinate, and oversee the execution of Contingency Plan (CP) exercises. Prepare test results and maintain Contingency Plans.
• Responsible for the enforcement of security policies and procedures by administering and monitoring security profiles, review security violation reports and investigate possible security exceptions
• Provide technical expertise and oversight to manage the daily administration of security protection measures
• Prepare status reports on security matters to develop security risk analysis scenarios and response procedures
• Manage investigations of security events (e.g., unauthorized access, non-compliance with company policies, fraud, service exploitation, etc.) to determine malfunctions, breaches, and remediation steps

Required Skills:
• Knowledge and experience in vulnerability scanning and patch management tools
• Knowledge and experience in systems administration of Windows Server and Red Hat Enterprise Linux
• Knowledge and experience in the implementation of the NIST 800.53 Security and Privacy Controls for Federal Systems and Organizations
• Knowledge and experience in the implementation of the NIST Risk Management Framework
• Familiarity with network devices and protocols
• Experience with creation, modification and maintenance of IT System Security Plans (SSP), IT Risk Assessments, Contingency Plans to support government environments, ideally for NASA
• Excellent interpersonal skills, including ability to successfully interact in a customer-facing position on a regular basis
• Must be able to meet government a National Agency Clearance (NAC) and citizenship/permanent residency requirements for access to NASA GSFC
• Certified Information Systems Security Professional (CISSP)

Desired Skills:
• Highly desired, experience with establishing and supporting systems on Amazon Web Services (AWS)
• Highly desired, Certified Cloud Security Professional (CCSP)
• Prior work with or for NASA, including related knowledge and expertise
• Knowledge and experience in software security, design, web-based applications, familiarity with C#, Java, .NET, HTML5, etc.
• Certification in Red Hat Enterprise (RHCE) or Oracle Enterprise Linux (Linux Administrator OCA). RHCE is preferred
• Working knowledge of Agile development methodologies
• Knowledge and experience with Personal Identification Credentials (PIV) in Mac, Linux, and Windows environments.

Required Education & Experience:
• Must have minimum of 6 years of experience with a BS/BA Degree in a technical field such as Computer Science, Information Technology, or Information Assurance
• Must have a minimum of 4 years of experience with IT Security and Information Assurance
• U.S. Citizen

***

Red Canyon Engineering and Software: “Exploring Other Planets, Improving our Own”

Please send resume and cover letter to hr-eed@redcanyonsoftware.com