Cyber security analyst - united states, rockhampton

jacobs has partnered with nasa to support space flight programs for more than 40 years. while the majority of work is directly in support of larc, other industry partners and government agencies may be supported at remote sites as directed by the contracting officer (co). the center maintenance, operations, and engineering (cmoe) contract comprises of three major categories of work – operations, maintenance, and engineering (ome). a brief description of each category is: maintenance – research and institutional facility maintenance includes, but not limited to, preventive maintenance, trouble calls, repairs, reliability centered maintenance (rcm), facility condition assessment (fca), and maintenance/operation of central utilities (e.g., electrical power distribution, potable water, storm water drainage) •operations – facilities operations support includes, but not limited to, wind tunnels, laboratories, and test stands testing, instrumentation calibration/repair; plant and utilities (e.g., high pressure air, liquid nitrogen (ln2) and steam plant); technology development and administration, including, but not limited to, facility automation systems (fas) and data acquisition systems (das) •engineering – facility engineering includes, but not limited to, engineering studies, design, construction, construction management, configuration management, tactical engineering, pressure system recertification, project management/planning support.

responsibilities:
- support and implement security requirements or identify risk mitigation strategies
- monitor the ot environment for security breaches and investigate violations when they occurs
- determine the system security plans (ssp) required to support a variety of functionality within the ot environment and develop the related ssps
- work with a team of system administrators to design, implement, and maintain the requirements identified in the ssp(s)
- work with a team of ics, scada engineers to design, implement, and maintain the requirements identified in the ssp(s)
- develop, document and implement security standards and best practices for the ot
- develop, document and oversee the installation and use of security tools to protect sensitive information
- identify weaknesses and recommend security enhancements to management
- support the operations community when new security products and/or procedures are required that will impact the processes related to operations
- conduct security assessment periodically or as needed (e.g., when a security breach occurs)
- work directly with the cso, iso, isso, ocio in support of the organizational ssps
- manage the ssps content using the risk information security compliance system (riscs) established using the rsa archer product
- enter, track rbds and poams using the riscs tools
- manage ssp inventory monitoring, updates, and deployment (via managed scripts) using the bigfix and the it security enterprise data warehouse (itsec-edw) reports website
- liaison with the customer operations team during maintenance periods to plan, communicate, and implement project plan tasks that ensure the highest possible security posture as well as minimal operational down time
- occasionally respond to tickets for computer repairs and system administration support

u.s. citizenship is required. b.s. degree in a computer or system science discipline from an accredited college or university and three (3) to five (5) years related, or ms degree and two (2) to three (3) years of related experience, or a ph.d.

ability to translate client requirements and build security solutions within project scope. excellent communication skills and the ability to work well with people at every level and in every department are essential experience with system administration, system setup, configuration, repair, backup and recovery is preferred. operating systems supported include legacy to current versions of windows, linux, unix, mac experience with security implementation in the ot, ics, scada environment is preferred. certifications in information security (cissp, csslp, ccfp, cism, etc.), ics security (gcip, gicsp, grid, etc.) or comparable work experience. risk analysis/assessment experience is preferred

essential functions

work environment:
office or control room (85%)

test environment - may be exposed to areas of high noise levels, hazardous propellants, chemicals, and industrial facilities. travel between various onsite facilities and during test operations is required. may bring exposure to loud noise and potentially hazardous equipment operations. (15%)

physical requirements:
the ability to enter confined spaces, crawl into or onto various assemblies while maintaining a clear vision of safety is required. potential exposure to high noise levels, hazardous chemicals, propellants, and the like. must be able to walk, stand, bend, twist and sit for extended periods as well as climb, crawl, and lift up to 35 lbs. appropriate ppe and training will be provided for all conditions.

equipment and machines:
standard office equipment - personal computers and related equipment.
safety and personal protective equipment (50%)

attendance:
regular attendance is mandatory (100%)
overtime/work outside normal schedule required (

Apply to this job now Report abuse

More jobs