Sr. Lead IT Security Analyst - Military veterans preferred

Kellogg Brown & Root (


  full-time   employee

United States


Sr. Lead IT Security Analyst

We are a company of innovators, thinkers, creators, explorers, volunteers, and dreamers. But we all share one goal: to improve the world responsibly and safely.

Must be able to obtain and maintain a US government security clearance

KBR is seeking a knowledgeable IT Leader as a Senior IT Security Specialist to join our team and support NASA’s Goddard Space Flight Center under the Ground Systems & Mission Operations (GSMO-2) Contract. The specialist will direct a multi-disciplined, integrated team of system administrators, network engineers, and IT security compliance personnel.

The specialist will work with project management to create, maintain, and evaluate System Security Plans in the Federal Government. Will also work with in the team to maintain, establish, and operate a complete IT security program, including compliance, continuous monitoring, and system design. Will create and maintain information security policies, procedures, and systems to anticipate, assess and minimize system vulnerabilities creating the correct security posture.

The Sr. Lead IT Security Analyst must have strong task leadership, planning, reporting and communication skills in both leading the team and interfacing with our customer. Under general direction, the specialist is accountable for the performance and results of the IT Security Team, and the delivery of functional objectives by providing leadership and direction to team members.

They will investigate IT Security incidents and work with the Incident Response Team (IRT) for system forensics, diagnostics and/or malware tracking. The specialist will also work closely with the GSFC Cyber-Security Incident Division (CSID) and the Agency Security Operations Center (SOC) to mitigate risks and respond to vulnerabilities and incidents.

Additional Responsibilities:

  • Serve as a principal advisor to the ISO for applicable networks on matters involving the security of the information systems
  • Handle, maintain, and report material and equipment based on Committee on National Security Systems (CNSSI) Instruction policies 4001, 4003, 4005
  • Create Standard Operation Procedures (SOPs) and Configuration Management documentation
  • Create and present plans, reports, analyses, and findings to senior management
  • Advise, implement, and monitor that networks, computing, communication devices, and control equipment comply with the Federal Information Security Management Act (FISMA) and other related Federal, NIST, DHS and NASA security requirements for information technology
  • Perform end to end risk assessment planning and analysis to required standards
  • Perform support activities associated with the design, development, implementation, and maintenance of IT systems
  • Applied knowledge of full software development lifecycle, with emphasis on requirements documentation and test procedure creation and execution
  • Create configuration data and lead the team through configuration management process

Required Education, Experience, & Skills:

  • Bachelor’s Degree and 10 years of related experience
  • Experience with System Security Plans in the Federal Government
  • Extensive system admin experience with Windows Server and Linux operating systems
  • Understand System Security Controls and how they relate to Plan of Action & Milestones (POA&Ms) and Risk Based Decisions (RBDs)
  • Familiarity or experience with NIST 800-53 Rev 4 for Assessing Security and Privacy Controls in Federal Information Systems and Organizations
  • Proven ability to research and problem solve both independently and within a team environment
  • Must be able to comprehend and follow complex procedural documentation and guidance
  • Understand risk assessment planning to action completion
  • Perform compliance and risks analysis tasks to systems standards
  • Strong interpersonal skills to work directly with client, teammates, business partners, end-users, and other stakeholders to review, validate and implement requirements
  • Proven ability to research and problem solve both independently and within a team environment
  • Team leadership and strong interpersonal skills to work directly and clearly with client, teammates, business partners, end-users, and other stakeholders to review, validate and implement requirements
  • Clear and advanced documentation skills in support of enterprise management and policy creation
  • Must be able to comprehend and follow complex procedural documentation and guidance
  • Proven ability to lead teams in multiple concurrent projects and tasks

Preferred certifications:

  • CISSP – Certified Information Systems Security Professional
  • CISA – Certified Information Systems Auditor

Preferred Experience:

  • Extensive system admin experience with Windows Server and Linux operating systems
  • Experience with Storage Area Networks (SANs), Fiber Channel, Fiber Connections, Cluster environment
  • Experience with networks, firewalls, switches, Hyper-V, Virtual Machines (VMs), Virtual Checkpoints/Snapshots
  • Experience with remote management tools, disk encryption, video surveillance systems, system backup solutions
  • Experience with BigFix, Splunk, Nessus
  • Experience with Agile Project management tools such as Jira or others

KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.

KBR — Delivering Solutions, Changing the World.

KBR brings together the best and brightest to deliver science, technology and engineering solutions that help governments and companies around the world accomplish their most critical missions and objectives.

In everything we do, we are guided by our ONE KBR Values:

  • We Value Our People – We create diverse, inclusive environments in which each person can feel safe, respected and valued, and where everyone has opportunities to grow and reach their full potential.
  • We Deliver – We are uncompromising in our commitment to deliver innovative, high-quality, technology-led solutions for our customers and exceptional, sustainable value for all our stakeholders.
  • We Are People of Integrity – We value honesty, trust, courage, fairness, prudence and tenacity. We believe doing what’s right for the planet, the communities where we work, and our people is good for business.
  • We Empower – We empower our people with a shared purpose, the right tools and the supportive culture they need to be proactive decision-makers, to be adaptive to change, and to succeed.
  • We Are a Team of Teams – We have a will to succeed, but we value the achievements of our team of teams over individual accomplishments. Our collective focus makes us a better, stronger, more effective company.

We have also embedded environmental, social and governance (ESG) principles in every business operation and corporate function. Not only are we committed to operating safely, sustainably and equitably, but we are also committed to using our capabilities and expertise to help our customers accomplish their sustainability goals.

Worldwide, KBR employs a diverse workforce approximately 29,000 people strong, with customers in more than 80 countries and operations in 40 countries.

At KBR, We Deliver.

Fraud Alert

Fraud has infiltrated the job placement market via the internet, email and direct phone contact. Attempts have included unauthorized use of KBR’s name and logo to solicit potential job seekers or to extend false job offers. Bad actors may mix in fake job advertisements with legitimate postings. These ads can include contact instructions and require job seekers to send sensitive personal information or money to pay for visa applications, processing fees, etc., in exchange for consideration for a high-paying position.

KBR will never ask for any sort of advance payment as part of the recruiting/hiring process. Candidate profiles are carefully managed to protect personal information.