Cybersecurity and Compliance Specialist
Hampton, Virginia, US
Analytical Mechanics Associates
Analytical Mechanics Associates (AMA) combines the best of engineering, science, and mathematics capabilities with the latest in information technology and visualization to build solutions. The knowledge, innovation and dedication of the AMA...
We are currently looking to hire a highly motivated individual to support the RSES (Research, Science, and Engineering Services) contract located at the NASA Langley Research Center (LaRC). The candidate will be responsible for ensuring the security, compliance, and resilience of the NASA systems assigned. This is a leadership role where you will be responsible for risk assessments, configuration management, implementing security controls, managing compliance efforts, and leading incident response in a government environment. The ideal candidate will have experience working with federal compliance frameworks, securing hybrid cloud environments, and managing complex security architectures.
Job Description
The successful candidate will provide HSPD-12/SMART ID credential administration and support to NASA Security and Badge and Pass operations by performing the following tasks:
- Lead the development and implementation of cybersecurity policies, standards, and procedures to align with NIST 800-53, NIST 800-171, CMMC, DoD, CISA, and FedRAMP requirements.
- Conduct comprehensive risk assessments and manage continuous monitoring efforts for both on-premises and cloud environments.
- Understanding of Amazon Web Services (AWS).
- Oversee physical security and network security measures for on-premises infrastructure, including firewalls, VPNs, and IDS/IPS systems.
- Lead incident response efforts.
- Perform regular vulnerability assessments and manage patching processes.
- Drive cloud security posture management (CSPM) initiatives.
- Manage identity and access management (IAM) strategies, including the implementation of MFA, SSO, and privileged access management (PAM) solutions.
- Ensure continuous compliance with government regulations, preparing systems for internal and external audits.
- Collaborate with DevOps and IT teams to integrate security into CI/CD pipelines, leveraging Infrastructure as Code (IaC) tools such as Terraform, Ansible and/or CloudFormation.
- Act as a cybersecurity thought leader, providing training and guidance to staff on best practices and emerging security threats.
Required Qualifications
- Bachelor’s degree with at least 5-10 years of experience.
- Extensive knowledge of NIST 800-53, NIST 800-171, CMMC, and FedRAMP frameworks.
- Knowledge and understanding of Linux environments (filesystems, storage, architecture).
- Understanding/familiarity with OpenShift.
- Expertise in securing physical, virtual, and containerized infrastructures in a hybrid environment.
- Proficiency with vulnerability management tools such as Nessus, AWS Inspector, or OpenVAS.
- Experience with endpoint security, network security, and firewall management.
- Experience with SIEM integration and incident response in complex environments.
- Strong knowledge of identity management, MFA, and RBAC for hybrid environments.
- Experience leading or coordinating compliance audits and ensuring ongoing compliance with federal regulations.
- Familiarity with “DevSecOps” practices and securing CI/CD pipelines in an on-premises and cloud environment.
- Knowledge of configuration management protocols to lead relevant activities and ensure up-to-date inventory of systems, software, and libraries.
- Strong leadership and communication skills to work effectively with cross-functional teams.
- Experience with coordinating with stakeholders within and outside the organization.
- Ability to support multiple objectives, track own work and provide updates to stakeholders.
- Ability to set priorities and meet deadlines.
- Proficient user of Microsoft Excel, Outlook, and Word.
Preferred Qualifications
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM), or Certified Ethical Hacker (CEH)
- Familiarity with Scaled Agile Framework (SAFe) with certification
- Excellent communication skills.
- Self-starter who can work independently or as part of a team.
- Ability to work with stakeholders in a hybrid environment.
The selected applicant will be subject to a background check investigation and employment is based on the ability to attain physical and logical access to NASA LaRC.
This position requires U.S. Citizenship or Permanent Residency due to facility requirements.
Analytical Mechanics Associates (AMA) is proud of our customer relationships, our diverse and dynamic work environment, and our employees' career satisfaction. AMA is a small business with a wide reach; headquartered in Hampton, VA, AMA has operations in Greenbelt, MD; Huntsville, AL; Dallas and Houston, TX; Denver, CO; and Mountain View and Edwards Air Force Base, CA. With over 60 years of experience, AMA specializes in aerospace engineering, science, analytics, information technology, and visualization solutions. AMA combines the best of engineering, science, and mathematics capabilities with the latest in information technologies, visualization, and multimedia to build creative solutions. We offer competitive salaries and a substantial benefits package, including but not limited to paid personal and federally recognized holiday leave, salary deferrals into a 401(k)-matching plan with immediate vesting, tuition reimbursement, short/long term disability plans, and a variety of medical, dental, and vision insurance options.
AMA is committed to the professional growth of every employee, understanding that the successes of our employees drive our success. We provide a work environment that is engaging, collaborative, and supportive. To learn more about our company, please visit our website at www.ama-inc.com and follow us on Facebook and LinkedIn.
Tags: Agile Analytics Ansible Audits AWS CEH CI/CD CISA CISM CISSP Cloud CMMC Compliance CSPM DevOps DevSecOps DoD Endpoint security FedRAMP Firewalls IAM IDS Incident response IPS Linux Mathematics Monitoring Nessus Network security NIST NIST 800-53 OpenVAS Risk assessment SSO Terraform VPN Vulnerability management
Perks/benefits: Career development Competitive pay Health care Insurance Medical leave