Job Title: DevSecOps Engineer
Job ID: #446
The NASA SES III contract provides IT services throughout all aspects of the engineering process of the entire space systems arena. Omitron is looking for a DevSecOps Engineer (Development, Security, and Operations, Mid to Senior Level) to support ESDIS Networks & Security Engineering on the SES III contract at the NASA Goddard Space Flight Center (GSFC) in Greenbelt, Maryland.
ESDIS, as a NASA project, implements NASA Information Technology (IT) security policies, guidelines, and best practices according to NPR/NPD’s 2810, 7120, and 7150. The ESDIS project’s migration into the rapidly changing commercial cloud environment under Earthdata Cloud requires a system engineering approach to review and implement NASA policies and industry best practice to ensure the resulting secure architecture meets both user requirements and appropriate policies.
The projects’ information security program is mature with respect to processes and procedures. Process changes have occurred over the last several years which includes: a) Incorporating Cloud security measures; b) Information Security Continuous Monitoring (ISCM); c) Software defined infrastructure and software integration and automations that support points a and b.
- Provides services for maintaining the ESDIS system security plans, continuous monitoring systems, cloud software development and software security.
- Document, implement, report, and maintain all components of the System Security Plans (SSP) for Earth Science Data Information System (ESDIS)
- Participate in NASA IT Security program related meetings, working groups, and project design reviews. Then, assist ESDIS projects in improving their overall IT Security posture under NASA governance.
- · Provide IT Security program support in the role of project Information System Security Engineers (ISSE) who will be appointed by the ISSO, that is a Government civil servant.
- · Develop, and implement, an overall Continuous Monitoring Plan for the Project consistent with OMB, DHS-CISA, DOC-NIST and NASA guidance, policies, and handbooks.
- · Assist the NASA Security Operations Center (NASA SOC) and Goddard Incident Response Team (GSFC-IRT) with incident detection, incident prevention, event triage, recovery and reporting requirements.
- Operate the ESDIS Security Lab (including Cloud accounts) which mainly includes the projects’ network security monitoring systems, central logging systems, vulnerability scanners, and other tools as required.
- Perform computer security system engineering related to EOSDIS interconnections between (and on) EOSDIS subsystems, including ESDIS cloud based systems under the Earthdata Cloud project.
- Perform regression and trend vulnerability tracking using ESDIS Security information and event management (SIEM) and sharing the results in a report to leadership.
- Ancillary duties may include setting up administrator and service accounts, maintaining system documentation, tuning system performance, installing system wide software and allocating mass storage space.
- Bachelor’s Degree (Master’s Degree preferred), Computer Sciences, Computer Engineering, Electrical Engineering, Mathematics, and/or equivalent work year experience.
- At least 3-5+ years of practical full-time experience of the requirements listed.
- Strong initiative to decompose and complete high level objectives outlined by the customer, communicate changes, document, and demonstrate solutions with each software release.
- Must be familiar with NASA ESDIS environment and possess experience in Continuous Integration (CI) / Continuous Development (CD) pipeline.
- fluent with software development processes and tools such as agile development methodologies, release management, code repositories, microservices and serverless, Infrastructure as Code, and modern cloud computing platforms/providers.
- Proficient with, or able to quickly become proficient with, a range of general and specialized applications, software, and hardware used in the organization and the industry
- Certifications such as (ISC)2, ISACA, SANS as well as AWS Solutions Architect and or Azure are desired.
- Experience working with Virtual Machines (VMs), Bamboo, Docker, Ansible, Kubernetes, and other container-management tools are desired.
- Excellent written and communication skills
- Demonstrated experience working successfully and proactively with a distributed team
- Some travel may be required
Location: NASA/Goddard Space Flight Center in Greenbelt, MD.
Security Clearance and other Requirements:
U.S. Citizenship required; the ability to obtain required National Agency Check (NAC) clearance.
Extensive background investigation will be performed as a requirement of the job.
As directed by Executive Order 14042: Ensuring Adequate COVID Safety Protocols for Federal Contractors. You may be required to provide documentation of Full Coronavirus Vaccination Status to Omitron, and to the designated personnel of the subcontracting, contracting and/or federal officials.
Omitron is an Aerospace Engineering and Information Technology small business firm headquartered in Beltsville, Maryland with a field office located in Colorado Springs, Colorado. Since 1984 Omitron has provided excellence in engineering services and product development to government and industry customers for both civilian and military aerospace programs.
Omitron recognizes that outstanding people are the key to our success. Our goal is to select highly qualified and motivated individuals and provide them an environment necessary to stimulate and nurture engineering and business objectives. Omitron offers its employees competitive salaries, a full benefits package, and excellent career growth opportunities. We welcome talented professionals who wish to take advantage of the opportunities we offer.
Omitron is an equal opportunity employer committed to creating an inclusive environment for all of our employees. We strongly encourage women, persons of color, persons with disabilities and veterans to apply. E-Verify Participation/ EEO/AA