Cloud Security Operations Lead (supporting NASA)

Cloud Security Operations Lead (supporting NASA)

03 Nov 2023
California, Moffettfield, 94035 Moffettfield USA

Cloud Security Operations Lead (supporting NASA)

Vacancy expired!

Cloud Security Operations Lead

Job Summary:

We are currently looking for a

Cloud Security Operations Lead to join our team supporting NASA's Enterprise Managed Cloud Computing (EMCC) Group at NASA Ames Research Center in Mountain View, CA. This role will provide experience in SecOps to help our team implement secure, modern, enterprise solutions at NASA. We are interested in people with strong cloud Solutions, security, architecture, development, and engineering backgrounds. You should be accustomed to working in a modern enterprise environment. We need someone who actively seek out problems to solve, is constantly trying to improve processes and infrastructure, and who loves to automate manual tasks and want a quick-thinking individual who can self-manage.

Duties and Responsibilities:

  • Develop leading-edge cloud security solutions for NASA
  • Be a mentor and example for team members on security best practices
  • Perform pen-testing on internal and external networks
  • Monitor logs and systems to detect compromises or alert on potential security issues
  • Perform vulnerability scanning and remediation
  • Assist in security framework design and implementations
  • Review architecture to ensure security compliance
  • Centralize, parse, and alert on all incoming cloud audit logs
  • Develop tools and processes to automate repetitive security related tasks
  • Research, suggest, and help implement industry best practices and tool sets
  • Create security process flowcharts and architecture diagrams
  • Author processes, documentation, and whitepapers for use by team members and customers
  • Communicate complex topics to management and government personnel in a way they can understand
  • Perform risk analyses and security impact analyses on internal change requests
  • Other responsibilities as assigned


Educational/Training Requirements:
  • BS in Computer Science or related field or equivalent years of experience.
  • Any Security certification is a plus.
  • Lean IT or ITIL training or certification is a plus.


Skill Requirements/Qualifications:
  • 8+ years working with Information Technology with a focus on Information Security and/or equivalent educational experience
  • 4+ years of direct experience working with

    any of the following:
    • Amazon Web Services (AWS)
    • Microsoft Azure
    • Google Cloud Platform (GCP)
    • or similar in a cloud service provider in a SecOps capacity
  • Experience performing security audits on enterprise infrastructure
  • Experience in vulnerability management, mitigation, and remediation
  • Experience monitoring and tracking inventory of systems, software, and other assets
  • Experience in writing documentation, processes, workflows, and whitepapers
  • Ability to explain complex topics to management and other team members
  • DevOps Tools, Mentality, and Culture experience
  • Have designed or supported at least one major enterprise level cloud application or platform that supports a large user, compute, or traffic base
  • Proficient in creating tools, scripts, and automation with one or more of the following: Python, Ruby, Perl or Bash.
  • Excellent English verbal and written communication skills.
  • Ability to travel up to 15% of the time to other US based NASA centers.
  • Must be a US Citizen with ability to obtain a SECRET government clearance or Public Trust.


Additional experience - if available:

  • EC-Council Certified Ethical Hacker (CEHv11), CISSP, GIAC (GSEC), ISACA (CISA), CompTIA Security+, or other similar certification
  • Published whitepapers on relevant security topics or has presented at a major security conference such as DefCon, BlackHat, RSA, etc.
  • Experience performing penetration testing on enterprise infrastructure
  • Experience with tools like Metasploit, Nmap, Burp Suite, Snort, Kali Linux, etc.
  • Proficiency in one or more of the following:
    • Python
    • Ruby
    • Go
    • Java
    • C/C/C#
    • Bash or PowerShell
    • Other equivalent scripting language (So long as you can make logical forking decisions and loops)
  • AWS CLI, Boto3 SDK, Azure CLI, or Azure commandlet experience
  • Experience using AND writing syntax for ONE or more of the following:
    • Terraform
    • CloudFormation
    • Azure Blueprints
    • Ansible/Puppet/Chef
    • Equivalent Infrastructure-as-Code (IaC) toolset
  • Continuous Integration and Continuous Deployment (CI/CD) design experience
  • Agile, ITIL, and general experience with DevSecNetOps and managing one's own projects effectively
  • Security framework experience (PCI, NIST 800-53, SOX, CIS, etc.)
  • Diagraming experience (Visio, Lucid Charts, OmniGraffle, etc.)
  • Support ticketing platform experience (JIRA, ServiceNow, Zendesk, etc.)
  • Ability to obtain a government SECRET or TOP SECRET clearance


Work Environment:

  • Office environment.


Physical Demands:

  • Mobility to work in a typical office setting, use standard office equipment including a computer and keyboard; vision to read printed materials, correspondence, and a computer screen; Position may involve frequent standing, walking, pushing, pulling, bending, reaching, and lifting (may range from 10-50lbs on a regular basis).


Responsibilities

Skill Requirements/Qualifications:
  • 8+ years working with Information Technology with a focus on Information Security and/or equivalent educational experience
  • 4+ years of direct experience working with

    any of the following:
    • Amazon Web Services (AWS)
    • Microsoft Azure
    • Google Cloud Platform (GCP)
    • or similar in a cloud service provider in a SecOps capacity
  • Experience performing security audits on enterprise infrastructure
  • Experience in vulnerability management, mitigation, and remediation
  • Experience monitoring and tracking inventory of systems, software, and other assets
  • Experience in writing documentation, processes, workflows, and whitepapers
  • Ability to explain complex topics to management and other team members
  • DevOps Tools, Mentality, and Culture experience
  • Have designed or supported at least one major enterprise level cloud application or platform that supports a large user, compute, or traffic base
  • Proficient in creating tools, scripts, and automation with one or more of the following: Python, Ruby, Perl or Bash.
  • Excellent English verbal and written communication skills.
  • Ability to travel up to 15% of the time to other US based NASA centers.
  • Must be a US Citizen with ability to obtain a SECRET government clearance or Public Trust.

Related jobs

Job Details

Jocancy Online Job Portal by jobSearchi.