Cybersecurity Analyst

About The Position

Requirements

• Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or a related field.
• 2-4 years of relevant cybersecurity or IT experience.
• Basic understanding of NIST Risk Management Framework (RMF) and FISMA compliance processes.
• Familiarity with NIST SP 800-37, 800-53, and related controls.
• Strong organizational and project tracking skills; ability to manage multiple concurrent deadlines.
• Excellent written and verbal communication skills.
• Must be U.S. Citizen and be able to obtain a government issued Secret clearance.

Nice To Haves

• Experience with NASA cybersecurity policy or other federal agency cybersecurity programs.
• Exposure to tools such RISCS (RSA Archer), Splunk, Nessus.
• Foundational certifications (e.g., CompTIA Security+, CAP, or equivalent).
• Understanding of network security principles and space communications infrastructure.

Responsibilities

• System Security Plan (SSP) Management
• Support the maintenance and updating System Security Plans (SSPs) for all SCaN mission systems in accordance with NASA and federal cybersecurity requirements (e.g., NIST SP 800-53, FISMA), leveraging the NASA provided tools (RISCS, Splunk (ECL), Nessus, VAMPIRE)
• Track documentation due dates, review cycles, and ensure timely annual updates of all security artifacts.
• Support continuous monitoring and configuration management activities related to system authorizations.
• Monitor agency scorecards for all SCaN SSPs - tracking compliance and reporting to Network Integrity lead. Collaborate with ISSOs of SSPs for compliance. (to include SOC-MAR review/response and Emergency Directives)
• Authorization & Compliance Support
• Maintain schedules and tracking for Authorizations to Operate (ATOs), interim approvals, and related assessment activities.
• Coordinate with Information System Owners (ISOs), Security Control Assessors (SCAs), and third-party assessment teams to ensure timely completion of assessments and deliverables.
• Compile and analyze results of assessments to provide actionable insight and recommendations to the AO.
• Support the preparation and submission of security packages within NASA's RISCS (GRC tool).
• Interconnection and Documentation Oversight
• Provide oversight to the development and maintenance of Interconnection Security Agreements (ISAs) and Memoranda of Understanding (MOUs) between SCaN systems and partner organizations.
• Ensure documentation consistency, currency, and alignment with NASA security policies and standards.
• Track key documentation milestones and deadlines to support audit readiness and compliance.
• Cybersecurity Analysis and Reporting
• Assist in reviewing security assessment results, Plans of Action and Milestones (POA&Ms), and system vulnerability reports.
• Identify trends and areas of improvement for risk reduction across the SCaN cybersecurity portfolio.
• Develop dashboards, reports, and metrics to communicate cybersecurity health and readiness to leadership.
• Collaboration and Mission Support
• Work closely with network engineers, system administrators, and program managers to ensure cybersecurity requirements are integrated throughout the system lifecycle.
• Provide cybersecurity representation in technical and programmatic meetings, including readiness reviews and audits.
• Support occasional travel to NASA field centers, network sites, or partner facilities to assist with assessments or documentation activities.