Vacancy expired!
- Develop leading-edge cloud security solutions for NASA
- Be a mentor and example for team members on security best practices
- Perform pen-testing on internal and external networks
- Monitor logs and systems to detect compromises or alert on potential security issues
- Perform vulnerability scanning and remediation
- Assist in security framework design and implementations
- Review architecture to ensure security compliance
- Centralize, parse, and alert on all incoming cloud audit logs
- Develop tools and processes to automate repetitive security related tasks
- Research, suggest, and help implement industry best practices and tool sets
- Create security process flowcharts and architecture diagrams
- Author processes, documentation, and whitepapers for use by team members and customers
- Communicate complex topics to management and government personnel in a way they can understand
- Perform risk analyses and security impact analyses on internal change requests
- Other responsibilities as assigned
- BS in Computer Science or related field or equivalent years of experience.
- Any Security certification is a plus.
- Lean IT or ITIL training or certification is a plus.
- 8+ years working with Information Technology with a focus on Information Security and/or equivalent educational experience
- 4+ years of direct experience working with any of the following:
- Amazon Web Services (AWS)
- Microsoft Azure
- Google Cloud Platform (GCP)
- or similar in a cloud service provider in a SecOps capacity
- Experience performing security audits on enterprise infrastructure
- Experience in vulnerability management, mitigation, and remediation
- Experience monitoring and tracking inventory of systems, software, and other assets
- Experience in writing documentation, processes, workflows, and whitepapers
- Ability to explain complex topics to management and other team members
- DevOps Tools, Mentality, and Culture experience
- Have designed or supported at least one major enterprise level cloud application or platform that supports a large user, compute, or traffic base
- Proficient in creating tools, scripts, and automation with one or more of the following: Python, Ruby, Perl or Bash.
- Excellent English verbal and written communication skills.
- Ability to travel up to 15% of the time to other US based NASA centers.
- Must be a US Citizen with ability to obtain a SECRET government clearance or Public Trust.
- EC-Council Certified Ethical Hacker (CEHv11), CISSP, GIAC (GSEC), ISACA (CISA), CompTIA Security+, or other similar certification
- Published whitepapers on relevant security topics or has presented at a major security conference such as DefCon, BlackHat, RSA, etc.
- Experience performing penetration testing on enterprise infrastructure
- Experience with tools like Metasploit, Nmap, Burp Suite, Snort, Kali Linux, etc.
- Proficiency in one or more of the following:
- Python
- Ruby
- Go
- Java
- C/C/C#
- Bash or PowerShell
- Other equivalent scripting language (So long as you can make logical forking decisions and loops)
- AWS CLI, Boto3 SDK, Azure CLI, or Azure commandlet experience
- Experience using AND writing syntax for ONE or more of the following:
- Terraform
- CloudFormation
- Azure Blueprints
- Ansible/Puppet/Chef
- Equivalent Infrastructure-as-Code (IaC) toolset
- Continuous Integration and Continuous Deployment (CI/CD) design experience
- Agile, ITIL, and general experience with DevSecNetOps and managing one's own projects effectively
- Security framework experience (PCI, NIST 800-53, SOX, CIS, etc.)
- Diagraming experience (Visio, Lucid Charts, OmniGraffle, etc.)
- Support ticketing platform experience (JIRA, ServiceNow, Zendesk, etc.)
- Ability to obtain a government SECRET or TOP SECRET clearance
- Office environment.
- Mobility to work in a typical office setting, use standard office equipment including a computer and keyboard; vision to read printed materials, correspondence, and a computer screen; Position may involve frequent standing, walking, pushing, pulling, bending, reaching, and lifting (may range from 10-50lbs on a regular basis).
- 8+ years working with Information Technology with a focus on Information Security and/or equivalent educational experience
- 4+ years of direct experience working with any of the following:
- Amazon Web Services (AWS)
- Microsoft Azure
- Google Cloud Platform (GCP)
- or similar in a cloud service provider in a SecOps capacity
- Experience performing security audits on enterprise infrastructure
- Experience in vulnerability management, mitigation, and remediation
- Experience monitoring and tracking inventory of systems, software, and other assets
- Experience in writing documentation, processes, workflows, and whitepapers
- Ability to explain complex topics to management and other team members
- DevOps Tools, Mentality, and Culture experience
- Have designed or supported at least one major enterprise level cloud application or platform that supports a large user, compute, or traffic base
- Proficient in creating tools, scripts, and automation with one or more of the following: Python, Ruby, Perl or Bash.
- Excellent English verbal and written communication skills.
- Ability to travel up to 15% of the time to other US based NASA centers.
- Must be a US Citizen with ability to obtain a SECRET government clearance or Public Trust.
Vacancy expired!