Information System Security Officer (ISSO)

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Computer Science, Computer or Software Engineering, or related discipline with a minimum of 6 years of related Cybersecurity experience; Master’s degree in related disciplines with a minimum of 4 years of related experience; or PhD in related disciplines with a minimum of 2 years related experience.
• Demonstrated experience managing or leading cross-functional teams in complex systems-of-systems environments.
• Knowledge in security concepts and best practices, NIST Risk Management Framework, application of cybersecurity safeguards, and A&A continuous monitoring to include self/independent annual assessments.
• Experience with space mission, Ground Data System (GDS), and/or other space Telemetry, Tracking, and Command system development, integration and test, and operations.
• Strong ability to understand cybersecurity risk posture balanced with operational needs and perform business case analyses to support long-term planning.
• Experience applying cybersecurity principles across the system development lifecycle.
• Experience working with cybersecurity tools and applications such as Splunk, Nessus, GR&C tools such as RSA Archer, code analysis tools, and Endpoint Threat Detection and Response (ETDR).
• Possess the ability to develop and implement process improvements; and have excellent interpersonal and technical communication skills, both written and verbal.

Nice To Haves

• Proven experience working with NASA Science Mission Directorate (SMD) and JPL organizations.
• Experience with Operational Technology (OT) systems to include cybersecurity risk management, threats/vulnerabilities, secure architectures, and industry best practices.
• Expert knowledge of NASA and JPL cybersecurity policies and procedures, prime contract cybersecurity requirements, government regulations, industry best practices, and emergent technologies/solutions.
• Recognized cybersecurity certification(s) (e.g., International Information System Security Certification Consortium, Inc. (e.g., CISSP), Global Information Assurance Certifications, The Computing Technology Industry Association, Inc., etc.)
• Thorough understanding of JPL project practices and familiarity with JPL organization, facilities, and processes.

Responsibilities

• Ensure NASA A&A requirements are met and maintained across JPL System Security Plans (SSP) and are aligned with NASA and JPL’s overarching cybersecurity strategies and solutions
• Evaluate cybersecurity requirements gaps; develop, coordinate, and maintain corresponding Plans of Action and Milestones (POA&M) and Risk Based Decisions (RBD) for leadership approvals
• Maintain JPL SSPs in accordance with NASA’s A&A continuous monitoring requirements
• Address changes to information systems’ security posture driven by operational needs, evolving technologies, and/or new capabilities
• Provide A&A information and supporting evidence to facilitate external audits, high-priority cybersecurity directives, and JPL contract performance objectives
• Management of cybersecurity risk in accordance with the Authorizing Official’s risk appetite
• Alignment of cybersecurity efforts across JPL information systems to meet POA&M and other key cybersecurity objectives
• Understanding and agreement on cybersecurity priorities between NASA and JPL stakeholders
• Communication of JPL’s unique domain needs related to NASA and JPL’s A&A process

Benefits

• variety of health, dental, vision, wellbeing, and retirement plans
• paid time off
• learning
• rideshare
• childcare
• flexible schedule
• parental leave