Security Administrator

Working on the HSFTIC contract in the Information Technology IT Operations group supporting the ISS, Orion, and Gateway programs at the Johnson Space Center.

Minimum Requirements:

 •Be responsible for decomposition of requirements, generation and allocation of specifications, control documents, plans and reports in support of NASA and the ISS program office in regards to all IT security matters

• Review and implement NASA agency and Federal Government security controls and procedures to cost-effectively protect information system assets from intentional or inadvertent modification, disclosure or destruction.  Provide guidance and direction for the physical protection of information systems assets to other functional units.  

• Prepare and distribute activity and progress reports to management and NASA personnel regarding effectiveness of data security and make recommendations for the adoption of new processes and procedures. 

• Confer with and advise of security policies and procedures, technical problems, and priorities.  Project long-range security controls and requirements for the ISS contract and meet NASA agency and International Space Station Program deadlines.

• Assure Network and Security Operations within the System Administration and Operations (SAO) group provide services to include the following:  scan new servers, attend and participate in all required security meetings, write and maintain security documentation including, the ISS and contractor managed  Security Plans, Plan Of actions and Milestones (POA&M), Disaster Recovery Plan, Continuity Of Operations Plan (COOP), Risk Assessment, Service Request (SR), and verify JSC vulnerability scans for all ISS servers. Position also participates in coordination of ISS and NASA disaster recovery plans and processes.

• Job requires that candidate is familiar with the Federal Governments National Institute of Standards and Technology (NIST) information Technology guidelines and Federal Information Security Management Act (FISMA) security compliance processes and Certification & Accreditation IT system audits.

• Should be familiar with the NIST Security certification phases including; Security Categorization(800-60-FIPS199), Control Selection L,M,H(SP800-53-FIPS200),  Risk Assessment(SP800-30), Security Plan (SP800-18 -ITS-SOP-16C), self assessment (SP800-70) & Continuous Monitor (SP800-37). Should also be familiar with Federal Information Processing Standards (FIPS) used by government agencies for system security categorization. 

• Experience with UNIX, Linux and Windows operating systems is desired.    

• Must be a U.S. Citizen and successfully complete a U.S. government background investigation.

• Applicant selected may be subject to government security investigation and must meet eligibility requirements for access to classified information.

• Work may involve sitting for extended periods.

• Must have sufficient mobility to enter areas of test facilities where necessary.

• Generally an office environment, but can involve inside or outside work depending on task.

• Standard office equipment (PC, telephone, fax, etc.)

• Regular attendance in accordance with established work schedule is critical.

• Ability to work outside normal schedule and adjust schedule to meet peak periods and surge requirements when required.

• Must be able to work in a team atmosphere.

• Must put forward a professional behavior that enhances productivity and promotes teamwork and cooperation.

• Grooming and dress must be appropriate for the position and must not impose a safety risk/hazard to the employee or others.

• This position may require some commuting and traveling to other installations as needed.

Preferred Qualifications:

• CISSP certification

• Experience with IT security and administration

• Experience with Government security practices and implementations

Education & Revelant Work Experience:

• BS/BA degree in a computer or engineering related field from an accredited engineering college/university or equivalent experience.

OR

• BS/BA degree in a computer or engineering related field from an accredited engineering college/university or equivalent experience, plus a minimum of 5 years of experience in IT security administration

• Exceptional leadership, organizational, oral/written communication, analytical, and problem resolution skills. Thrive in both independent and collaborative work environments.

• Quick study, with an ability to easily grasp and put into application new ideas, concepts, methods and technologies. Dedicated, innovative and self-motivated team player/builder. 

• Security specialist in defining new work requirements, technical specifications, and defining scope. 

• Experience with time sensitive issues regarding project deadlines.

• Excellent communication skills with clients, and employees, being able to resolve any situation in a timely and professional manner.

• Quick study, with an ability to easily grasp and put into application new ideas, concepts, methods and technologies. Dedicated, innovative and self-motivated team player/builder. 

• Working understanding of data centers, and capacity planning.

• Working with client network administrators on firewalls, and router/switch problems

• Excellent communication skills (both written and verbal), 

• Proficient in Microsoft Office (Word, PowerPoint, Excel, Outlook, SharePoint).

• Demonstrated ability to work well in a team and independently.

Company Benefits:

ARES offers a competitive compensation and benefit package. Full time employees may participate in:

• Medical Insurance
• Dental Insurance
• Vision Insurance
• HSA/FSA Accounts
• Life & Disability Insurance
• Critical Illness & Accident Insurance
• ESOP
• 401(k) Plan
• Paid Time Off & Holidays

 ARES is an EEO/AA/Disability/Vets Employer and complies with E-Verify.

 ARES shall abide by the requirements of 41 CFR 60-1.4(a), 60-300.5(a) and 60-741.5(a).  These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on their race, color, religion, sex, sexual orientation, gender identity or national origin.   Moreover, these regulations require that covered prime contractors and subcontractors take affirmative action to employ and advance in employment individuals without regard to race, color, religion, sexual orientation, gender identity, national origin, disability or veteran status.