Cyber Security Budget and Communications Analyst

Venesco is looking for a highly motivated and detail-oriented Cybersecurity Analyst to support NASA’s cybersecurity program. This self-starter will be working within the Agency Office of the Chief Information Officer (OCIO) and will actively participate as a leader in a broad range of Agency-level cybersecurity operations, governance, compliance, budgetary, reporting, and communications tasks in support of a comprehensive cybersecurity, privacy, and controlled unclassified information program.

The Cybersecurity Analyst will join an existing team of government and contractor professionals who are committed to:  exceeding the expectations of their customer, supporting the success of the team, supporting the NASA missions, adding value for the taxpayer, and actively engaged in educating themselves about the dynamic and evolving cybersecurity arena.

Knowledge, Skills, and Abilities Needed

  • Knowledge of cybersecurity risk management processes (e.g., methods for assessing, scoring, and mitigating risk)
  • Knowledge of existing and emerging industry technologies’ potential cybersecurity vulnerabilities, issues, and risks
  • Knowledge of NASA’s core business/mission processes
  • Skilled in communicating with all levels of management especially with C-Level executives (e.g., interpersonal skills, approachability, effective listening skills, appropriate use of style and language for the audience)
  • Skilled in the use of critical thinking to analyze organizational patterns and relationships
  • Ability to interpret and apply laws, regulations, policies, and guidance relevant to organization cyber objectives
  • Ability to apply critical reading/thinking skills to develop policy, plans, and strategy in compliance with laws, regulations, policies, and/or standards in support of the Agency’s cyber activities and mission needs
  • Ability to understand technology, management, and leadership issues related to organization processes and problem solving
  • Ability to deliver high-quality work daily, on deadline, and to ensure factual accuracy of content
  • Ability to recommend and implement process improvements, as necessary, to facilitate team and stakeholder collaboration and improve cybersecurity and privacy operations

Tasks and Activities

  • Promote awareness of cybersecurity policy and strategy as appropriate among management and technical communities of interest, to ensure sound cybersecurity and privacy principles are reflected in the Agency’s mission, vision, and goals
  • Design/integrate a cybersecurity, privacy, and controlled unclassified information strategy which outlines the vision, mission, and goals and align with the organization’s strategic plan
  • Support the CIO in the formulation of cybersecurity, privacy, and controlled unclassified information related policies
  • Provide cybersecurity, privacy, and controlled unclassified information policy guidance to management, staff, and users
  • Establish and maintain all communication channels with stakeholder communities of interest
  • Facilitate meetings, advocate for civil servant positions, or potentially serve on, NASA and/or interagency cybersecurity, privacy, and controlled unclassified information policy and management boards
  • Collaborate with senior agency leadership and subject matter experts to develop, edit, review and/or streamline communications, presentations, and Congressional testimony on federal cybersecurity, privacy, and controlled unclassified information topics
  • Assist with Agency-level IT Security policies, processes, and procedures to support an Agency-level cybersecurity program built around National Institute of Standards and Technology (NIST) Special Publications (SP) 800-53, SP 800-37, 800-39, 800-160, 800-171, and other relevant NIST information security publications
  • Coordinate communications and facilitate information sharing on Agency-level cybersecurity initiatives and priorities with cybersecurity stakeholders across the NASA Centers and Mission Directorates, and with external federal stakeholders including CISA, DHS, OMB, GAO, and Congress

Minimum Qualifications

  • Bachelor’s Degree, or higher, in subjects of study with a focus on project management, cybersecurity, systems engineering, information assurance, communications, or public administration (i.e. Computer Science, Cybersecurity, Journalism, Public Administration, Public Policy, Political Science, or International Relations)
  • A solid understanding of information technology and cybersecurity best practices and experience with NIST Information Security guidance – especially NIST SP 800-53 and delivering a NIST 800-37 compliant program
  • Knowledge and experience with current federal cybersecurity, privacy, and controlled unclassified information legislation and compliance requirements, including but not limited to FISMA and FITARA
  • Four or more years of experience with C-level executive communications
  • Eight years or more of work experience in the fields of information technology, privacy, or cybersecurity
  • Proven ability to take complex issues and distill information, ideas, and concepts to essential elements
  • Understanding of federal cybersecurity communities of interest and stakeholders – including the ability to articulate the differences between GAO and OIG their stakeholders and constituencies
  • Outstanding written and oral communications and presentation skills
  • US Citizenship

Ideal Candidate

  • An expert multitasker who can quickly triage competing priorities and is comfortable balancing long-term goals with short-term demands
  • A solid communicator who can research and synthesize information from multiple sources and be able to present complex subjects clearly and concisely for executive-level decision makers, both verbally and in writing
  • A seasoned professional who can comprehend a strategic direction set by our Agency customer, and who has the drive to pursue that direction via tactical planning, establishment of goals, and independently execute initiatives, objectives, and deliverables
  • Will hold one or more cybersecurity certifications – prefer DOD 8570 at either Level 1 or Level 2 in Information Assurance Technical (IAT), or Information Assurance Management (IAM) – and will have familiarity with the major cloud provider’s cybersecurity processes and tool sets

Venesco LLC, is an equal opportunity and affirmative action employer. Venesco is committed to administering all employment and personnel actions on the basis of merit and free of discrimination based on race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or status as an individual with a disability. Consistent with this commitment, we are dedicated to the employment and advancement of qualified minorities, women, individuals with disabilities, protected veterans, persons of all ethnic backgrounds and religions according to their abilities.

For questions or to submit your résumé, please contact us at careers@venesco.com.