KBR Information Systems Security Officerj (Supporting NASA at Johnson Space Center) in Houston, Texas
Information Systems Security Officerj (Supporting NASA at Johnson Space Center)
The Human Health & Performance (HHP) Information Systems Security Officer (ISSO) is responsible for overseeing the IT Security posture of the Mission and Medical Information System (MMIS) Environment, and ensuring its compliance with all applicable industry, NASA and Federal Government IT Security-related policies, standards and best practices. The ISSO is responsible for the development, implementation and maintenance of a comprehensive information security and privacy program for the MMIS. The ISSO will collaborate with NASA IT Security personnel to develop and implement IT Security strategy for the HHP Directorate, and will direct the activities and priorities of the Human Health and Performance Information Technology (HHPIT) Security Team in support of these strategies.
• Act as primary IT Security representative from the Human Health and Performance Contract (HHPC) to HHP Directorate and Information Resources Directorate (IRD). Collaborate with IT Security representatives from the HHP Directorate, IRD and other IT contracts as needed.
• Ensure that all MMIS Environments adhere to IT Security requirements outlined in NASA and Federal Government policy. Align the MMIS Environment with the National Institute of Standards and Technology (NIST) System Security Lifecycle.
• Develop, implement and maintain MMIS information security policies, standards and procedures that comply with NASA and Federal Government standards. Ensure that the MMIS is in compliance with those policies, standards and procedures.
• Develop, implement and maintain incident response policies and procedures to address security breaches, privacy breaches and policy violations. Serve as the primary contact for MMIS and HHPIT incident response activities.
• Conduct periodic risk assessments of the MMIS Environments. Develop and execute associated Plans of Action and Milestones (POAMs).
• Collaborate with personnel from all HHPIT Disciplines to ensure that information security policies, standards and procedures are properly addressed and incorporated into the design and implementation of MMIS systems.
• Maintain all IT Security related documentation for HHPIT systems and security plans.
• Ensure that all MMIS Environments adhere to all IT Security requirements required to maintain Authorization to Operate (ATO).
• Proactively identify IT Security threats and vulnerabilities and provide solutions to mitigate these threats.
• Responsible for IT Security Plan Development, Maintenance, Continuous Monitoring and Annual Assessment preparation
• Develop and deliver IT Security related reports as required by the NASA customer and HHPC Management.
• Develop and maintain and monitor all Plan of Actions and Milestones (POA&Ms), Remediation Plans, Risk Based Decisions (RBDs) and other documentation associated with the MMIS Environments.
• Responsible for understanding and remaining current on the NASA Information Security Life Cycle processes, Federal Government Information Assurance policies, and regulations to include OMB requirements, FISMA, and NIST 800 series. Keep current on industry best practices and technology for IT Security. Incorporate improvements as needed and as practical.
• Participate in technical review of new project requests and associated materials, as called for by the Systems Engineering Process (SEP).
• Maintain the protection, privacy and confidentiality of all data and personal information contained in the MMIS Environments.
• Provide periodic status report of work activities to HHPIT Group Lead.
• Ensure that deliverables meet all applicable KBR and NASA quality standards.
• Perform additional duties as assigned. Responsibilities occasionally require work on weekends and/or evenings, sometimes with little to no advance notice.
The ISSO position requires a Bachelors Degree plus 15 years of professional information technology experience, including at least 5 years of most recent experience with IT security as a primary responsibility - or equivalent experience.
• Experience in administering IT security in a Microsoft Windows Server environment.
• Experience working with industry standard IT security tools.
• Experience in system and network administration, including design, implementation, configuration and troubleshooting.
• Experience working with networking hardware, including firewalls, routers and switches.
• Experience installing and supporting Microsoft server technologies.
• Experience coordinating with team members, project staff, customers, users, and other stakeholders to successfully develop, conduct, and implement projects.
Bachelor’s degree in a STEM major
Experience with IT security in a Federal Government/NASA environment, including security plan creation and maintenance.
Experience leading teams
Current Certified Information Systems Security Professional (CISSP) certification
• Advanced knowledge of network monitoring and troubleshooting tools, VPN solutions (CheckPoint, Juniper), encryption software, intrusion detection and vulnerability scanning.
• Excellent verbal and written communication skills. Applicants must have the ability to communicate effectively, both verbally and in writing with personnel at all levels, both one on one and in groups.
• Excellent customer service skills.
• Ability to work well under pressure, and to exercise patience and professionalism during stressful situations.
• Ability to multi-task, and to work effectively in a dynamic, fast-paced environment with time-sensitive deadlines.
• Ability to effectively work multiple assignments simultaneously.
• Ability to effectively manage demanding work schedules and changing priorities.
• Any applicable, industry-standard, IT Security certifications
Scheduled Weekly Hours:
KBR is a global provider of differentiated professional services and technologies across the asset and program lifecycle within the Government Solutions and Energy sectors. KBR employs approximately 38,000 people worldwide (including our joint ventures), with customers in more than 80 countries, and operations in 40 countries, across three synergistic global businesses:
Government Solutions , serving government customers globally, including capabilities that cover the full lifecycle of defense, space, aviation and other government programs and missions from research and development, through systems engineering, test and evaluation, program management, to operations, maintenance, and field logistics
Technology Solutions , featuring proprietary technology, equipment, catalysts, digital solutions and related technical services for the monetization of hydrocarbons, including refining, petrochemicals, ammonia and specialty chemicals, as well as inorganics
Energy Solutions , including onshore oil and gas; LNG (liquefaction and regasification)/GTL; oil refining; petrochemicals; chemicals; fertilizers; differentiated EPC; maintenance services (Brown & Root Industrial Services); offshore oil and gas (shallow-water, deep-water, subsea); floating solutions (FPU, FPSO, FLNG & FSRU); program management and consulting services
KBR is proud to work with its customers across the globe to provide technology, value-added services, integrated EPC delivery and long term operations and maintenance services to ensure consistent delivery with predictable results. At KBR, We Deliver .