Are you passionate about cybersecurity security and information systems security? Do you want to lead the operations and management of protection technologies for the security of JPL’s classified work environment? If you answered yes, then we have the right opportunity for you! At NASA’s Jet Propulsion Laboratory, we depend on innovation and technical excellence to develop and deploy secure IT systems and services that provide the edge we need to explore the universe and beyond.
A JPL Cybersecurity Engineer is challenged every single day with both traditional and non-traditional security issues. The work is diverse, requiring respectful and thoughtful interpersonal skills, as well as a proven ability to cultivate reciprocal relationships, inspire collaboration and promote cooperation. If this environment interests you and you have a desire to protect National Security while helping JPL succeed in this arena, please apply.
We are looking for a Cybersecurity Engineer to join our team who shares our passion for technology and security.
Some Challenges You Will Tackle:
- Provide technical leadership and operational expertise for the design, deployment, operations and maintenance JPL’s mission and corporate network environments.
- Manually audit the source code of web services and software authored for JPL use while leading and directing proof of concept engagements to demonstrate the severity of a potential security issue.
- Provide clear communication on the issue to developers.
- Suggest and help to test the fix as well as partner with local and cloud developers to drive improvement in application security as a result of security review engagements.
- Provide actionable long-term risk mitigation guidance and conduct independent vulnerability research pertaining to relevant technologies.
- Typically requires a Bachelor’s degree with a minimum of 6 years of related Cybersecurity experience; Master’s degree with a minimum of 4 years of related experience; or PhD with a minimum of 2 years related experience
- Successful experience with system hardening, configuration testing, continuous monitoring and scanning using any of the following tools: SCAP, Nessus, Snort, Splunk, etc.
- Maintain a working knowledge of system functions, security policies, technical security safeguards, and operational protective measures.
- Recent experience implementing the Risk Management Framework (RMF) principles, Assessment & Accreditation lifecycle and National Institute of Standards and Technology (NIST) Special Publications including 800-53
- Knowledge of security concepts and best practices such as defense in-depth, least privilege, need-to-know, separation of duties, access controls, encryption, etc.
- Strong technical and social skills providing accountability and day-to-day support in ensuring classified automated information systems (AIS) are protected and operated in accordance with governing policies and related manuals.
- Experience and knowledge in one or more of the following areas: Cybersecurity Operations, Identity Management Systems, Network and Systems Architecture, UNIX, Linux-based and Windows systems administration.
Additional Desired Qualifications:
- Extensive knowledge of policies, procedures and guidelines for the development, implementation, operations and maintenance of Cybersecurity functions across the range of disciplines
- Experience with assessing the system maturity level of scalable systems and applications
- Experience working individually or within cross-functional
- Demonstrated success in understanding internal business processes in a high-tech environment such as project management along with ability to evaluate system enhancements enhancing functionality and overall security
- Previous implementation and maintenance experience with log aggregation tools, data analytics systems and network vulnerability management tools.
- Experience leading technical teams on large-scale projects through completion.
- Expert experience in problem solving, analytics and communicating complex/complicated ideas.