SAIC is seeking a System Security Analyst candidate to support NASA IV&V’s Mission Protection Services (MPS), focusing on providing assurance that NASA’s mission systems operate safely, reliably, and securely in a growing threat environment. This multi-faceted position requires expertise in identifying cybersecurity risk across missions and mission systems, a deep understanding of one or more mission systems and subsystems, and the ability to analyze these systems to identify mission security hazards, security risk, and assure that security engineering is adequate to protect the safety of crew and success of the mission.
Coordinate with other domain experts to develop a sufficient understanding of the mission and systems to perform security analysis.
CYBERSECURITY RISK IDENTIFICATION
Think like an attacker: identify ways to exploit a specific mission and mission systems that would impact safety and mission success. For example:
Apply domain, mission, and system knowledge coupled with security intelligence of the end-to-end systems to identify areas of cybersecurity risk, where a successful exploit could impact safety or mission success. Go beyond compliance to governing requirements and ensure security of the system.
Conduct and leverage risk assessments to identify high risk mission security hazards and use risk to refine focus areas for cybersecurity analysis.
Ensure the set of system security planning product(s) needed for the end-to-end project requirements are sufficient.
Identify and assess engineered measures to ensure that vulnerabilities are identified, mitigated, and appropriately controlled to prevent exploitation through design, implementation, verification, and operations. Leverage knowledge in implementation details to evaluate flight HW and SW for actual and potential vulnerabilities.
Coordinate cybersecurity assessments across other specialized cybersecurity teams.
TYPICAL EDUCATION AND EXPERIENCE: Bachelors degree and nine (9) years or more experience; Masters and seven (7) years or more experience; PhD and four (4) years or more experience.
Deep understanding and experience in the system and software development lifecycle (e.g. design, implementation, verification) and/or operations of one or more mission system domains such as:
Knowledge of implementation details related to the following functional aspects of the End-to-End system are desired: