Description SAIC is seeking a Space Systems Security Subject Matter Expert (S4ME) to support our NASA Independent Verification and Validation (IV&V) customer. The candidate will be the primary integration expert on Mission Security work performed across the IV&V Program's Mission Protection Services (MPS) Team analyzing the integration, testing, operations, and maintenance of flight and ground systems security. This role is full-time and will require significant time onsite in Fairmont, WV. The S4ME will be responsible for advancement of integration and excellence of all aspects of IV&V MPS Mission Security services for the IV&V program, to measure effectiveness of defense-in-depth architecture against known and potential vulnerabilities. Activities include: threat modeling, vulnerability identification, vulnerability research, scanning, and assessment, to protect endpoints, systems, applications, and networks from potential security breaches and attacks, for overall NASA mission success. The S4ME will work closely with an MPS Integration Lead overseeing the execution of IV&V services across the IV&V Program. The S4ME will ensure IV&V MPS services, methods, work instructions and resulting analyses/products remain current and state-of-the-art. Develop, acquire, and institutionalize new MPS capabilities and methods as necessary. Develop and conduct training to ensure staff have the requisite knowledge, skills, and abilities (KSAs). Maintain consistency and quality of MPS services across application within the IV&V Program. Execution of MPS services will be expected periodically to maintain skills and to supplement short-term staffing/skill shortfalls.
Qualifications - Active TS/SCI or have ability to obtain a TS/SCI clearance.
- Bachelors and 20 years of experience or more of related experience; Masters and 18 years or more experience; PhD or JD and 15 years or more experience.
- Must be willing to travel to the customer location in Fairmont, WV at least 25% of the time.
- Minimum of ten (10) years of experience with Cybersecurity processes and procedures including:
- Vulnerability Identification
- Threat and Risk Assessment - NIST CMF, NIST RMF
- Threat Modeling - STRIDE, DREAD
- Familiarity with common threat methods and TTPs - MITRE ATT&CK, SPARTA Frameworks
- Experience with Space Domain including:
- Spacecraft concept of operations
- Space Flight and Ground systems and software architectures
- Knowledge of Space systems avionics
- Space data standards knowledge (CCSDS, C2MS, XTCE, etc...)
- Communication Skills - verbal, written, and presentation skills.
- Computer Skills - Microsoft Office Suite (Word, Excel, PowerPoint).
- Soft Skills - professionalism, strong work ethic, creativity, curiosity, problem solving, critical thinking and ability to work in team environment.
- Desired:
- expertise in vulnerability development, cyber exploit tactics and processes, and cyber security experience applied to embedded systems, such as Industrial control systems and FPGAs (Field Programmable Gate Arrays).
- Ability to provide high level summary of results and draw conclusions based on interpretation of data
- Software development, maintenance, and deployment processes and secure coding practices
- System/Software design for mission systems
- Knowledge of Hazards/Causes/Controls, Safety Engineering Analysis, Fault Management/FMEA/FTA analysis results
- Data protection compliance standards: GDPR, HIPAA, PCI-DSS
- Experience with ethical hacking or penetration testing
SAIC accepts applications on an ongoing basis and there is no deadline. Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.