Isso In Jobs in Illinois (NOW HIRING)

Responsibilities:

TheEnterpriseCybersecurity Engineer III (ISSO)falls underthe CybersecurityGovernance, Risk, and Compliance (GR&C)team (6210) within the Office of the Chief Information Security Officer (6200).

TheEnterpriseCybersecurity Engineer III (ISSO)will serve asanISSO forJPL's institutional, research and development, and missioninformation systems.They will work closely withprojectleads, engineers, and developersto ensure cybersecuritysafeguards are applied in a consistent and integrated manner, aligned withNASA and JPLcybersecurity requirements andpriorities, andcomply withNASA's Assessment and Authorization (A&A) process andotherregulatoryreportingrequirements.

TheEnterpriseCybersecurity Engineer III (ISSO)will serve as theGR&Cfocal point to:

• Ensure NASA A&A requirements are met andmaintainedacrossJPLSystem Security Plans (SSP)and are aligned withNASAand JPL'soverarching cybersecurity strategies and solutions

• Evaluate cybersecurity requirements gaps; develop, coordinate, andmaintaincorresponding Plans of Action and Milestones (POA&M) and Risk Based Decisions (RBD) for leadership approvals

• MaintainJPLSSPsin accordance withNASA's A&A continuous monitoring requirements

• Address changes to information systems' security posture driven by operational needs, evolving technologies, and/or new capabilities

• Provide A&A information and supporting evidence tofacilitateexternal audits, high-priority cybersecurity directives, and JPL contract performance objectives

TheEnterpriseCybersecurity Engineer III (ISSO)willcommunicate and coordinate across a broad range of stakeholders tosupport:

• Management ofcybersecurity riskin accordance withthe Authorizing Official's risk appetite

• Alignment of cybersecurity efforts acrossJPLinformation systemsto meet POA&M and otherkey cybersecurityobjectives

• Understanding and agreement on cybersecurity prioritiesbetween NASA and JPLstakeholders

• Communication ofJPL's uniquedomain needs related to NASA and JPL's A&A process

Qualifications:

The following qualifications arerequired:

• Bachelor's degree inCybersecurity, Computer Science,Computeror Software Engineering, or related discipline with a minimum of6years of related Cybersecurity experience;Master'sdegree inrelateddisciplines with a minimum of4years of related experience; or PhD inrelateddisciplines with a minimum of2years related experience.

• Demonstrated experience managing or leading cross-functional teams in complexsystems-of-systems environments.

• Knowledge insecurity concepts and best practices,NIST Risk Management Framework, application of cybersecurity safeguards,and A&A continuous monitoring to include self/independent annual assessments.

• Experiencewithspace mission,Ground Data System (GDS),and/orotherspace Telemetry, Tracking, and Commandsystem development, integration and test,and operations.

• Strong ability to understand cybersecurity risk posture balanced with operational needs and perform business case analyses to support long-term planning.

• Experience applying cybersecurity principles across the system development lifecycle.

• Experience working with cybersecurity tools and applications such as Splunk, Nessus, GR&C tools such as RSA Archer,code analysis tools, and Endpoint Threat Detection and Response (ETDR).

• Possess the ability to develop and implement process improvements; and have excellent interpersonal and technical communication skills, both written and verbal.

Preferred Skills:

• Proven experience working with NASA Science Mission Directorate(SMD)andJPL organizations.

• Experience with Operational Technology (OT) systems to includecybersecurityrisk management, threats/vulnerabilities, secure architectures, and industry best practices.

• Expert knowledge of NASA and JPL cybersecurity policies and procedures,prime contract cybersecurity requirements,government regulations,industry best practices, and emergent technologies/solutions.

• Recognized cybersecurity certification(s)(e.g.,International Information System Security Certification Consortium, Inc.(e.g., CISSP), Global Information Assurance Certifications,The Computing Technology Industry Association, Inc., etc.)

• Thorough understanding of JPL project practices and familiarity with JPL organization, facilities, and processes.