Information System Security Officer (ISSO)

Peraton is seeking a seasoned Information System Security Officer (ISSO) to be part of a cutting edge, mission focused team supporting the Deep Space Network (DSN) in Monrovia, CA with NASA/JPL. You will be responsible for supporting Information Security, processes, procedures and technologies across the DSN including JPL, Monrovia, and Goldstone locations.

The Deep Space Network is NASA’s international array of giant radio antennas that supports interplanetary spacecraft missions, plus a few that orbit Earth. The DSN also provides radar and radio astronomy observations that improve our understanding of the solar system and the larger universe. The antennas of the Deep Space Network are the indispensable link to explorers venturing beyond the moon. They provide the crucial connection for commanding our spacecraft and receiving their never before seen images and scientific information on Earth, propelling our understanding of the universe, our solar system and ultimately, our place within it.

The successful individual will have a working knowledge and experience as an Information Systems Security Officer (ISSO) in the NASA environment. A thorough understanding of Risk Management Framework (RMF) and National Institute of Standards and Technology (NIST) security framework as it applies to NASA security plans.

What You'll Do:  

As an ISSO, you’ll lead cybersecurity efforts for mission-critical systems across the DSN. Your responsibilities will include:

• Designing, implementing, and managing enterprise security operations processes, procedures, and playbooks.
• Identifying, tracking, and remediating vulnerabilities, including patch management.
• Applying NIST 800-53 security controls to both IT and Operational Technology (OT) environments.
• Creating and maintaining POA&Ms (Plan of Actions and Milestones) and RBDs (Risk-Based Decisions).
• Developing security documentation such as System Security Plans (SSPs), risk assessment reports, and continuous monitoring plans.
• Conducting audits, vulnerability assessments, and investigations of security incidents.
• Managing hardware/software configuration control and data integrity processes.
• Providing cybersecurity education and training to system users.
• Collaborating with third-party assessors during cybersecurity audits.
• Supporting NASA project documentation and security compliance for ongoing engineering efforts.
• Ensuring compliance across highly specialized OT environments, including facilities and hardware systems.

Required Qualifications

• 5 years with BS/BA; 3 years with MS/MA
• 3+ years of IT security experience within small companies to large enterprises in science, technology, or engineering environments.
• Working knowledge and experience as an Information Systems Security Officer (ISSO) in the NASA environment.
• Broad technical skills in conducting network and assessments and ISO 17799/27002 based security assessments.
• Broad technology expertise with application, system integration, data, and/or infrastructure knowledge.
• Knowledge of, and experience with, NASA, DOD and other government agency processes and procedures.
• Experience supporting NASA engineering project documents, and required security documents for managing and maintaining system security plans (SSPs) and utilizing RSA Archer (RISCS) and POA&M process.
• A thorough understanding of Risk Management Framework (RMF) and National Institute of Standards and Technology (NIST) security framework as it applies to NASA security plans.
• Endpoint management platforms such as BigFix and security information and event management such as Splunk.
• Vulnerability scanning, NESSUS, SIEM and common methods of exploiting vulnerabilities.
• Endpoint Protection and Data Loss Prevention solutions.
• Secure configuration of Linux, Windows, and Mac based servers and endpoints.
• Experience evaluating physical and digital security protocols at facilities.
• Strong analytical, organizational and decision-making skills with government and corporate security policies and procedures.
• Must possess and retain a valid California Driver’s License (Real ID) .

Desired Qualifications:

• One or more of the following:
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Cloud Security Professional (CCSP)
• Global Information Assurance Certification (GIAC)