NASA Security Job

CrapMasterZeroCrapMasterZero Posts: 29Member ■□□□□□□□□□
So I got a call from a NASA research center (this is a govt. job) about a possible job opportunity in their IT Security department. It is a Computer Engineer position and would require me to help out in their vulnerability scanning, patch and log management efforts. The manager also said that this would be my role in the beginning (I would be the junior most member of this team) and that there's possibility of going into the areas of penetration testing, web security and incident handling in the future.

I asked him why he required an engineer for this position. His response was that he wanted someone who really "understood" the stuff and would direct the system admins in remediation of vulnerabilities. I didn't quite understand this point. Anyway...

Sounds to me like lots of grunt work in the beginning, which I don't have a problem with. Should I consider this? He said he would contact me again for a face to face interview.

I would like to get other members' opinion on this type of work and pros/cons. Thanks in advance.

He mentioned that I would be using tools like Foundstone Vulnerability Scanner, Splunk and Dell KASE...any ideas?

Comments

  • millworxmillworx Posts: 290Member
    Sounds like a great opportunity in my book, with the potential for growth. Not to mention stability considering it's a govt job. Does this require clearance? And you could always get that relevant work experience to get a full fledged CISSP cert.
    Currently Reading:
    CCIE: Network Security Principals and Practices
    CCIE: Routing and Switching Exam Certification Guide
  • CrapMasterZeroCrapMasterZero Posts: 29Member ■□□□□□□□□□
    millworx wrote: »
    Sounds like a great opportunity in my book, with the potential for growth. Not to mention stability considering it's a govt job. Does this require clearance? And you could always get that relevant work experience to get a full fledged CISSP cert.

    I am already a govie (in IA field) but want more technical hands-on security work...hopefully this is it? I guess I won't find out until I go through a formal interview...
  • Bl8ckr0uterBl8ckr0uter Posts: 5,031Inactive Imported Users ■■■■■■■■□□
    Wow. Do you mind me asking what are your quals?
  • steve13adsteve13ad Posts: 398Member
    Sounds like a great opportunity but with the recent push for more a privatization of space missions I'd be a little concerned.

    But hell how many people can say that they've worked for NASA? It's a dream that every boy has had!
  • CrapMasterZeroCrapMasterZero Posts: 29Member ■□□□□□□□□□
    Wow. Do you mind me asking what are your quals?

    BSEE from a UC, 1.5 years in government IA work (crypto, key management, C&A work). I was surprised that I got a call...I never expected it.
  • shaqazoolushaqazoolu Posts: 259Member ■■■■□□□□□□
    I'm already in a job doing all of those things and I think I would jump all over that. If nothing else, it's freaking NASA. You are sure to get some amazing experience there. At this point, I would actually consider taking a pay cut for it. It sounds really cool.
    :study:
  • tpatt100tpatt100 Posts: 2,989Member ■■■■■■■■□□
    BSEE from a UC, 1.5 years in government IA work (crypto, key management, C&A work). I was surprised that I got a call...I never expected it.

    You have govt experience, I would jump all over that. Having NASA on your resume for a few years would get you noticed and major geek cred.

    When you were told they needed somebody who actually "understood" the stuff, a lot of times government agencies put people into IA positions because they volunteered or they had nowhere to go. So you end up with people with IA titles who know how to "click here" generate a report but have no clue what the report means. They have to do it to maintain compliance but come audit time they have no idea what is going on.
  • NOC-NinjaNOC-Ninja Posts: 1,403Member
    I didn't know working for NASA is a big deal. icon_cool.gif

    Which NASA is this?
  • carboncopycarboncopy Posts: 259Member
    NOC-Ninja wrote: »
    I didn't know working for NASA is a big deal. icon_cool.gif

    It is until you start working there, lol. At least for the one in Florida.
  • Cisco InfernoCisco Inferno Posts: 1,034Member ■■■■■■□□□□
    geek cred trophy right there. and plus i doubt NASA would skimp out on their employees.
    2019 Goals
    CompTIA Linux+
    [ ] Bachelor's Degree
  • NOC-NinjaNOC-Ninja Posts: 1,403Member
    carboncopy wrote: »
    It is until you start working there, lol. At least for the one in Florida.
    lol i know!!! I always wanted to become an Astronaut icon_thumright.gificon_cheers.gif
  • colemiccolemic Posts: 1,568Member ■■■■■■■□□□
    That's even better than being in the air force and chatting up up a girl in a bar:


    Guy: Yeah, I'm in the Air Force...
    Girl: Ohhh, you're a pilot?!?!?!
    Guy: why, YES I am...
    (queue Dr. Galazkiewicz Bud Light commercial)
    Working on: CCSP, definitely, maybe. On the twitters: @mcole1008
  • QHaloQHalo Posts: 1,488Member
    colemic wrote: »
    That's even better than being in the air force and chatting up up a girl in a bar:


    Guy: Yeah, I'm in the Air Force...
    Girl: Ohhh, you're a pilot?!?!?!
    Guy: why, YES I am...
    (queue Dr. Galazkiewicz Bud Light commercial)

    Maverick- yes I'm a "Naval Aviator"

    Sorry I know you're in the Air Force, but you immediately reminded me of that scene.
  • CrapMasterZeroCrapMasterZero Posts: 29Member ■□□□□□□□□□
    Thanks for all the comments guys. I am still waiting for the hiring official to call icon_cry.gif Anyway it's government...I should know better icon_wink.gif

    I am more excited about this position because it's hands on which is a rarity in government because most of this stuff is usually contracted out, rather than it being in NASA (although it's definitely a plus).

    I like security and so far I have been mostly dealing with crypto and key management type work but I want to expand my horizons a little bit. I eventually hope to get a MSEE (Computer Networks...you have to know networks before you can protect it right?) and since this job involves network security I feel it would be a good fit for me (not to mention I don't have to leave government).

    Also, I feel that the skills I will learn here will be more helpful in going to private sector if I choose to do so in the future.

    For now I am just crossing my fingers and hoping that everything will work out....I hate waiting.
  • CrapMasterZeroCrapMasterZero Posts: 29Member ■□□□□□□□□□
    tpatt100 wrote: »
    You have govt experience, I would jump all over that. Having NASA on your resume for a few years would get you noticed and major geek cred.

    When you were told they needed somebody who actually "understood" the stuff, a lot of times government agencies put people into IA positions because they volunteered or they had nowhere to go. So you end up with people with IA titles who know how to "click here" generate a report but have no clue what the report means. They have to do it to maintain compliance but come audit time they have no idea what is going on.

    That's what I thought. Being in IA for a while I have noticed that a lot of my peers have EE/CS background but don't do traditional "engineering" jobs.

    I just feel that information security is still in a nascent stage and treads the line between IT and engineering. I mean I have seen people with diverse backgrounds (EE, MIS, liberal arts) working in IT security. Hopefully with cyber being the buzzword in government these days IT security will get its moment in the sun.
  • Samurai004Samurai004 Posts: 68Member ■■□□□□□□□□
    lol i know!!! I always wanted to become an Astronaut icon_thumright.gificon_cheers.gif

    Just say you have to do some hands on penetration testing on the space station and presto, free trip to outer space!!!icon_thumright.gif
    [SIGPIC][/SIGPIC]


    _________________________________
  • NOC-NinjaNOC-Ninja Posts: 1,403Member
    Samurai004 wrote: »
    Just say you have to do some hands on penetration testing on the space station and presto, free trip to outer space!!!icon_thumright.gif
    haha I wish! Im sure they will tell me to remote the pen testing IF I ever work for them


    CrapMasterZero @ did you get the job?
  • CrapMasterZeroCrapMasterZero Posts: 29Member ■□□□□□□□□□
    Am in talks with HR to arrange travel for an interview...it's govt so it's slow icon_sad.gif
  • NOC-NinjaNOC-Ninja Posts: 1,403Member
    Am in talks with HR to arrange travel for an interview...it's govt so it's slow icon_sad.gif
    which NASA is it?
  • CrapMasterZeroCrapMasterZero Posts: 29Member ■□□□□□□□□□
    update....I traveled to the interview and ended up receiving an offer from NASA. The position involved me being in charge of their vulnerability scanning and patch management efforts. After talking in detail with everyone there I decided that it wasn't for me and that I wanted my career to go in another direction. So, I declined it to take another position at a different company. The pay is substantially high here with opportunity to do R&D work in cyber-security. These guys also pay 20K a year to get your Masters which is huge for me. The position is in the DC area and I would be working in the area of Computer Network Defense (less operational IT support and more theoretical work). I start in a week....pretty excited :D
  • cyberguyprcyberguypr Senior Member Posts: 6,780Mod Mod
    Congrats bro. It does sound great.
  • colemiccolemic Posts: 1,568Member ■■■■■■■□□□
    Congrats on the job! Although I don't know if I could turn down the chance to say I worked for NASA. :)
    Working on: CCSP, definitely, maybe. On the twitters: @mcole1008
  • NOC-NinjaNOC-Ninja Posts: 1,403Member
    What degree and certs do you have?
  • NOC-NinjaNOC-Ninja Posts: 1,403Member
    Nevermind bout the qs. I saw your post at the top.
  • phoeneousphoeneous Go ping yourself... Posts: 2,333Member ■■■■■■■□□□
    Hasn't NASA been absolved?
Sign In or Register to comment.