NASA IV&V Vulnerability Assessment Analyst
Reference
Job Type Full-time
Job Status Sourcing
Date Posted Thursday, 15 March 2018
Location Fairmont, WV
Duration
Job Description

NASA IV&V Vulnerability Assessment Analyst


Job Location: WV - Fairmont


 


Requisition ID: 2018-40817


Category: Cyber Security


 


Description


MPL Corporation is a provider of Independent Verification and Validation (IV&V) services to the NASA IV&V Program located in Fairmont, West Virginia. At the NASA IV&V Facility, we support NASA's IV&V Program, delivering analysis and verification & validation of safety-critical and mission-critical software for a number of important NASA programs, including both human and robotic exploration as well as earth and space science collection platforms.


This position supports the IV&V Safety & Mission Assurance (SMA) Support Office (SSO) within the IV&V Program. Work is performed under the direction of the SSO Cybersecurity lead.


 


Roles and Responsibilities as defined:



  • Analyze mission cyber defense policies and configurations and evaluate compliance with regulations and organizational directives.

  • Maintain knowledge of applicable cyber defense policies, regulations, and compliance documents specifically related to cyber defense auditing.

  • Prepare audit reports that identify technical and procedural findings, and provide recommended remediation strategies/solutions.

  • Perform technical (evaluation of technology) and nontechnical (evaluation of people and operations) reviews, risk and vulnerability assessments of relevant technology focus areas (e.g., local computing environment, network and infrastructure, enclave boundary, supporting infrastructure, and applications).

  • Make recommendations regarding the selection of cost-effective security controls to mitigate risk (e.g., protection of information, systems and processes).


Required Qualifications



  • Bachelors' degree in a directly related field and 8+ years of experience. Four (4) years of relevant experience or domain specific certifications may be substituted for each degree requirement.

  • Ability to obtain a TS/SCI clearance

  • Ability to travel up to 30%

  • Experience analyzing cyber defense policies and configurations for compliance with regulations and organizational directives

  • Experience and expertise in applicable cyber defense policies, regulations, and compliance documents specifically related to cyber defense auditing.

  • Ability to perform technical and nontechnical reviews, risk and vulnerability assessments of relevant technology focus areas


Desired Qualifications



  • Experience modeling networks (RedSeal)

  • Active Top Secret Clearance

  • Ability to conduct and/or support authorized penetration testing on enterprise network assets and maintaining deployable cyber defense audit toolkit (e.g., specialized cyber defense software and hardware) to support cyber defense audit missions.

  • Demonstrated skills in conducting vulnerability scans and recognizing vulnerabilities in security systems, assessing the robustness of security systems and designs, detecting host and network based intrusions via intrusion detection technologies or PCAP analysis (e.g., Snort, wireshark, tcpdump), using network analysis tools to identify vulnerabilities. (e.g., fuzzing, nmap, etc.), reviewing logs to identify evidence of past intrusions, conducting application vulnerability assessments, performing impact/risk assessments and applying cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

  • Ability to identify systemic security issues based on the analysis of vulnerability and configuration data, apply programming language structures (e.g., source code review) and logic, share meaningful insights about the context of an organization’s threat environment that improve its risk management posture and apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).


MPL Corporation offers an excellent benefits package. We are dedicated to providing the best possible economic and personal security for each employee.


MPL Corporation is committed to hiring and retaining a diverse workforce. We are an Equal Opportunity Employer, making decisions without regard to race, color, religion, sex, national origin, age, veteran status, disability, or any other protected class. U.S. Citizenship is required.


Email resume to: jobs@mpl.com

How to Apply
Email Resume To jobs@mpl.com

Go back to last page