Description
Description
SAIC is seeking a Space Systems Security Subject Matter Expert (S4ME) to support our NASA Independent Verification and Validation (IV&V) customer. The candidate will be a primary integration expert on Mission Security work performed across the IV&V Program's Mission Protection Services (MPS) Team analyzing the integration, testing, operations, and maintenance of flight and ground systems security. This role is full-time and will require significant time onsite in Fairmont, WV to collaborate with other security and systems software analysts.
The S4ME will be responsible for advancement of integration and excellence of all aspects of IV&V MPS Mission Security services for the IV&V program, to measure effectiveness of defense-in-depth architecture against known and potential vulnerabilities. Activities include: creation of resiliency tests, threat modeling, vulnerability identification, vulnerability research, scanning, and assessment, to protect endpoints, systems, applications, and networks from potential security breaches and attacks, for overall NASA mission success.
The S4ME will work closely with an MPS Integration Lead overseeing the execution of IV&V services across the IV&V Program. The S4ME will ensure IV&V MPS services, methods, work instructions and resulting analyses/products remain current and state-of-the-art. Develop, acquire, and institutionalize new MPS capabilities and methods as necessary. Develop and conduct training to ensure staff have the requisite knowledge, skills, and abilities (KSAs). Maintain consistency and quality of MPS services across application within the IV&V Program. Execution of MPS services will be expected periodically to maintain skills and to supplement short-term staffing/skill shortfalls.
Qualifications
Qualifications - External
- Active TS/SCI or have ability to obtain a TS/SCI clearance.
- Bachelors and 20 years of experience or more of related experience; Masters and 18 years or more experience; PhD or JD and 15 years or more experience.
- Must be willing to travel to the customer location in Fairmont, WV at least 25% of the time.
- Minimum of ten (10) years of experience with Cybersecurity processes and procedures including:
- Red Team experience including Penetration Testing (Whitebox & Blackbox)
- Creation of resiliency tests – requires programming skills
- Review of source code
- Vulnerability Identification and Assessment
- Familiarity with common threat methods and TTPs - MITRE ATT&CK, SPARTA Frameworks
- Experience with the application of Cybersecurity TTPs for one or more of the following types of systems:
- Space Flight systems and software
- Embedded systems (Aerospace, Aeronautical, Industrial Control Systems, Military)
- Space data standards knowledge (CCSDS, C2MS, XTCE, etc...)
- Communication Skills – verbal, written, and presentation skills.
- Computer Skills - Microsoft Office Suite (Word, Excel, PowerPoint).
- Soft Skills – professionalism, strong work ethic, creativity, curiosity, problem solving, critical thinking and ability to work in team environment.
- Experience with Threat and Risk Assessment - NIST CMF, NIST RMF
- Experience with Threat Modeling – STRIDE, DREAD
- Knowledge of Space Domain, Spacecraft ConOps, and space systems avionics
- OSCP, OSCE , CISSP certifications
- Ability to provide high level summary of results and draw conclusions based on interpretation of data
- Software development, maintenance, and deployment processes and secure coding practices
- System/Software design for mission systems
- Knowledge of Hazards/Causes/Controls, Safety Engineering Analysis, Fault Management/FMEA/FTA analysis results
- Data protection compliance standards: GDPR, HIPAA, PCI-DSS
Target salary range: $160,001 - $200,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
SAIC accepts applications on an ongoing basis and there is no deadline.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.
Apply on company website
Find Connections via Linkedin
