ISSE/ ISSO

Job Title: ISSE/ISSO

Program: NASA NCAPS

Location: Marshall Space Flight Center / Remote

Clearance: Public Trust

Company/ Program Description:

Centuria, a Service-Disabled Veteran-Owned Small Business (SDVOSB), has been delivering IT, Engineering, and Scientific solutions to the Federal Government since 2002. During our two decades of service we have earned the trust and respect of our government clients for the simple reason that we have great people who are experts in their fields and take pride and ownership in everything they do.

 The Washington Post has recognized Centuria Corporation as one of the top workplaces in the DC Metro area for 2024. This award celebrates nationally recognized companies that make the world a better place to work together by prioritizing a people-centered culture and giving employees a voice. The Top Workplaces USA award is based entirely on feedback from an employee engagement survey completed by the employees of participating workplaces. Centuria is honored to have been awarded this distinction.

PROGRAM DESCRIPTION:

The NASA Consolidated Application and Platform Services (NCAPS) contract will provide the necessary support to maintain and evolve NASA’s core collaborative IT services, which are essential to the ongoing success of its missions and projects across NASA’s geographically distributed Centers. The scope of work includes efficient, effective, innovative, and collaborative approaches to IT management and delivery. The Contractor shall ensure the safety, security, and availability of operations with requisite Agency visibility, ensuring NASA and its partners can operate without disruption while maintaining interoperability across NASA’s heterogenous IT environment.

In conjunction with CACI, Centuria will be supporting delivery of Application and Platform transformation and support using Scaled Agile Framework (SAFe) and Information Technology Infrastructure Library (ITIL) service management practices.  This work will require extensive collaboration and integration vital to the planning, design and development of future capabilities and technologies along with sustainment of existing capabilities and technologies.

JOB REQUIREMENTS:

·        Security Engineering: Design and implement security measures for new and existing systems, ensuring they comply with security best practices and government regulations (e.g., NIST, RMF, DoD standards).

·        Risk Management: Conduct regular risk assessments and vulnerability analyses to identify potential threats and develop mitigation strategies.

·        Compliance Oversight: Ensure systems comply with applicable security policies, procedures, and standards, including the Risk Management Framework (RMF), FISMA, and NIST 800-53.

·        Documentation: Maintain and update security-related documentation, including System Security Plans (SSP), Security Control Traceability Matrices (SCTM), and Plan of Action and Milestones (POA&M).

·        Incident Response: Support the incident response process by investigating security breaches, developing corrective action plans, and preventing recurrence.

·        Security Assessments: Perform security assessments and audits on information systems and networks to ensure continued compliance with federal and organizational standards.

·        Collaboration: Work closely with system administrators, network engineers, and other IT professionals to integrate security requirements throughout the system lifecycle.

·        Continuous Monitoring: Implement and oversee continuous monitoring programs to ensure that security controls are functioning as intended.

·        Training & Awareness: Provide security training and guidance to employees to promote awareness and compliance with security policies.

QUALIFICATIONS:

·        Education: Bachelor’s degree or equivalent experience

·        Experience: 6+ years of experience in information security, risk management, or cybersecurity.

·        Knowledge: Strong understanding of NIST 800-53, RMF, FISMA, DoD directives, and other relevant security frameworks.

·        Technical Skills: Proficient in vulnerability scanning tools, SIEM solutions, and security analysis techniques.

·        Communication: Excellent verbal and written communication skills, with the ability to present complex security issues to technical and non-technical audiences.

·        Problem-Solving: Strong analytical and problem-solving skills with a proactive approach to identifying and resolving security risks.