We are currently looking for a Cloud Security Operations Lead to join our team supporting NASA's Enterprise Managed Cloud Computing (EMCC) Group at NASA Ames Research Center in Mountain View, CA. This role will provide experience in SecOps to help our team implement secure, modern, enterprise solutions at NASA. We are interested in people with strong cloud Solutions, security, architecture, development, and engineering backgrounds. You should be accustomed to working in a modern enterprise environment. We need someone who actively seek out problems to solve, is constantly trying to improve processes and infrastructure, and who loves to automate manual tasks and want a quick-thinking individual who can self-manage.
Duties and Responsibilities:
Develop leading-edge cloud security solutions for NASA
Be a mentor and example for team members on security best practices
Perform pen-testing on internal and external networks
Monitor logs and systems to detect compromises or alert on potential security issues
Perform vulnerability scanning and remediation
Assist in security framework design and implementations
Review architecture to ensure security compliance
Centralize, parse, and alert on all incoming cloud audit logs
Develop tools and processes to automate repetitive security related tasks
Research, suggest, and help implement industry best practices and tool sets
Create security process flowcharts and architecture diagrams
Author processes, documentation, and whitepapers for use by team members and customers
Communicate complex topics to management and government personnel in a way they can understand
Perform risk analyses and security impact analyses on internal change requests
Other responsibilities as assigned
Educational/Training Requirements:
BS in Computer Science or related field or equivalent years of experience.
Any Security certification is a plus.
Lean IT or ITIL training or certification is a plus.
Skill Requirements/Qualifications:
8+ years working with Information Technology with a focus on Information Security and/or equivalent educational experience
4+ years of direct experience working with any of the following:
Amazon Web Services (AWS)
Microsoft Azure
Google Cloud Platform (GCP)
or similar in a cloud service provider in a SecOps capacity
Experience performing security audits on enterprise infrastructure
Experience in vulnerability management, mitigation, and remediation
Experience monitoring and tracking inventory of systems, software, and other assets
Experience in writing documentation, processes, workflows, and whitepapers
Ability to explain complex topics to management and other team members
DevOps Tools, Mentality, and Culture experience
Have designed or supported at least one major enterprise level cloud application or platform that supports a large user, compute, or traffic base
Proficient in creating tools, scripts, and automation with one or more of the following: Python, Ruby, Perl or Bash.
Excellent English verbal and written communication skills.
Ability to travel up to 15% of the time to other US based NASA centers.
Must be a US Citizen with ability to obtain a SECRET government clearance or Public Trust.
Additional experience - if available:
EC-Council Certified Ethical Hacker (CEHv11), CISSP, GIAC (GSEC), ISACA (CISA), CompTIA Security+, or other similar certification
Published whitepapers on relevant security topics or has presented at a major security conference such as DefCon, BlackHat, RSA, etc.
Experience performing penetration testing on enterprise infrastructure
Experience with tools like Metasploit, Nmap, Burp Suite, Snort, Kali Linux, etc.
Proficiency in one or more of the following:
Python
Ruby
Go
Java
C/C/C#
Bash or PowerShell
Other equivalent scripting language (So long as you can make logical forking decisions and loops)
AWS CLI, Boto3 SDK, Azure CLI, or Azure commandlet experience
Experience using AND writing syntax for ONE or more of the following:
Terraform
CloudFormation
Azure Blueprints
Ansible/Puppet/Chef
Equivalent Infrastructure-as-Code (IaC) toolset
Continuous Integration and Continuous Deployment (CI/CD) design experience
Agile, ITIL, and general experience with DevSecNetOps and managing one's own projects effectively
Support ticketing platform experience (JIRA, ServiceNow, Zendesk, etc.)
Ability to obtain a government SECRET or TOP SECRET clearance
Work Environment:
Office environment.
Physical Demands:
Mobility to work in a typical office setting, use standard office equipment including a computer and keyboard; vision to read printed materials, correspondence, and a computer screen; Position may involve frequent standing, walking, pushing, pulling, bending, reaching, and lifting (may range from 10-50lbs on a regular basis).
Responsibilities
Skill Requirements/Qualifications:
8+ years working with Information Technology with a focus on Information Security and/or equivalent educational experience
4+ years of direct experience working with any of the following:
Amazon Web Services (AWS)
Microsoft Azure
Google Cloud Platform (GCP)
or similar in a cloud service provider in a SecOps capacity
Experience performing security audits on enterprise infrastructure
Experience in vulnerability management, mitigation, and remediation
Experience monitoring and tracking inventory of systems, software, and other assets
Experience in writing documentation, processes, workflows, and whitepapers
Ability to explain complex topics to management and other team members
DevOps Tools, Mentality, and Culture experience
Have designed or supported at least one major enterprise level cloud application or platform that supports a large user, compute, or traffic base
Proficient in creating tools, scripts, and automation with one or more of the following: Python, Ruby, Perl or Bash.
Excellent English verbal and written communication skills.
Ability to travel up to 15% of the time to other US based NASA centers.
Must be a US Citizen with ability to obtain a SECRET government clearance or Public Trust.
