NASA Security Job

CrapMasterZero

So I got a call from a NASA research center (this is a govt. job) about a possible job opportunity in their IT Security department. It is a Computer Engineer position and would require me to help out in their vulnerability scanning, patch and log management efforts. The manager also said that this would be my role in the beginning (I would be the junior most member of this team) and that there's possibility of going into the areas of penetration testing, web security and incident handling in the future.

I asked him why he required an engineer for this position. His response was that he wanted someone who really "understood" the stuff and would direct the system admins in remediation of vulnerabilities. I didn't quite understand this point. Anyway...

Sounds to me like lots of grunt work in the beginning, which I don't have a problem with. Should I consider this? He said he would contact me again for a face to face interview.

I would like to get other members' opinion on this type of work and pros/cons. Thanks in advance.

He mentioned that I would be using tools like Foundstone Vulnerability Scanner, Splunk and Dell KASE...any ideas?

millworx

Sounds like a great opportunity in my book, with the potential for growth. Not to mention stability considering it's a govt job. Does this require clearance? And you could always get that relevant work experience to get a full fledged CISSP cert.

CrapMasterZero

millworx wrote: »

Sounds like a great opportunity in my book, with the potential for growth. Not to mention stability considering it's a govt job. Does this require clearance? And you could always get that relevant work experience to get a full fledged CISSP cert.

I am already a govie (in IA field) but want more technical hands-on security work...hopefully this is it? I guess I won't find out until I go through a formal interview...

Bl8ckr0uter

Wow. Do you mind me asking what are your quals?

steve13ad

Sounds like a great opportunity but with the recent push for more a privatization of space missions I'd be a little concerned.

But hell how many people can say that they've worked for NASA? It's a dream that every boy has had!

CrapMasterZero

Bl8ckr0uter wrote: »

Wow. Do you mind me asking what are your quals?

BSEE from a UC, 1.5 years in government IA work (crypto, key management, C&A work). I was surprised that I got a call...I never expected it.

shaqazoolu

I'm already in a job doing all of those things and I think I would jump all over that. If nothing else, it's freaking NASA. You are sure to get some amazing experience there. At this point, I would actually consider taking a pay cut for it. It sounds really cool.

tpatt100

CrapMasterZero wrote: »

BSEE from a UC, 1.5 years in government IA work (crypto, key management, C&A work). I was surprised that I got a call...I never expected it.

You have govt experience, I would jump all over that. Having NASA on your resume for a few years would get you noticed and major geek cred.

When you were told they needed somebody who actually "understood" the stuff, a lot of times government agencies put people into IA positions because they volunteered or they had nowhere to go. So you end up with people with IA titles who know how to "click here" generate a report but have no clue what the report means. They have to do it to maintain compliance but come audit time they have no idea what is going on.

NOC-Ninja

I didn't know working for NASA is a big deal.

Which NASA is this?

carboncopy

NOC-Ninja wrote: »

I didn't know working for NASA is a big deal.

It is until you start working there, lol. At least for the one in Florida.

Cisco Inferno

geek cred trophy right there. and plus i doubt NASA would skimp out on their employees.

NOC-Ninja

carboncopy wrote: »

It is until you start working there, lol. At least for the one in Florida.

lol i know!!! I always wanted to become an Astronaut

colemic

That's even better than being in the air force and chatting up up a girl in a bar:


Guy: Yeah, I'm in the Air Force...
Girl: Ohhh, you're a pilot?!?!?!
Guy: why, YES I am...
(queue Dr. Galazkiewicz Bud Light commercial)

QHalo

colemic wrote: »

That's even better than being in the air force and chatting up up a girl in a bar:


Guy: Yeah, I'm in the Air Force...
Girl: Ohhh, you're a pilot?!?!?!
Guy: why, YES I am...
(queue Dr. Galazkiewicz Bud Light commercial)

Maverick- yes I'm a "Naval Aviator"

Sorry I know you're in the Air Force, but you immediately reminded me of that scene.

CrapMasterZero

Thanks for all the comments guys. I am still waiting for the hiring official to call Anyway it's government...I should know better

I am more excited about this position because it's hands on which is a rarity in government because most of this stuff is usually contracted out, rather than it being in NASA (although it's definitely a plus).

I like security and so far I have been mostly dealing with crypto and key management type work but I want to expand my horizons a little bit. I eventually hope to get a MSEE (Computer Networks...you have to know networks before you can protect it right?) and since this job involves network security I feel it would be a good fit for me (not to mention I don't have to leave government).

Also, I feel that the skills I will learn here will be more helpful in going to private sector if I choose to do so in the future.

For now I am just crossing my fingers and hoping that everything will work out....I hate waiting.

CrapMasterZero

tpatt100 wrote: »

You have govt experience, I would jump all over that. Having NASA on your resume for a few years would get you noticed and major geek cred.

When you were told they needed somebody who actually "understood" the stuff, a lot of times government agencies put people into IA positions because they volunteered or they had nowhere to go. So you end up with people with IA titles who know how to "click here" generate a report but have no clue what the report means. They have to do it to maintain compliance but come audit time they have no idea what is going on.

That's what I thought. Being in IA for a while I have noticed that a lot of my peers have EE/CS background but don't do traditional "engineering" jobs.

I just feel that information security is still in a nascent stage and treads the line between IT and engineering. I mean I have seen people with diverse backgrounds (EE, MIS, liberal arts) working in IT security. Hopefully with cyber being the buzzword in government these days IT security will get its moment in the sun.

Samurai004

lol i know!!! I always wanted to become an Astronaut

Just say you have to do some hands on penetration testing on the space station and presto, free trip to outer space!!!

NOC-Ninja

Samurai004 wrote: »

Just say you have to do some hands on penetration testing on the space station and presto, free trip to outer space!!!

haha I wish! Im sure they will tell me to remote the pen testing IF I ever work for them


CrapMasterZero @ did you get the job?

CrapMasterZero

Am in talks with HR to arrange travel for an interview...it's govt so it's slow

NOC-Ninja

CrapMasterZero wrote: »

Am in talks with HR to arrange travel for an interview...it's govt so it's slow

which NASA is it?

CrapMasterZero

update....I traveled to the interview and ended up receiving an offer from NASA. The position involved me being in charge of their vulnerability scanning and patch management efforts. After talking in detail with everyone there I decided that it wasn't for me and that I wanted my career to go in another direction. So, I declined it to take another position at a different company. The pay is substantially high here with opportunity to do R&D work in cyber-security. These guys also pay 20K a year to get your Masters which is huge for me. The position is in the DC area and I would be working in the area of Computer Network Defense (less operational IT support and more theoretical work). I start in a week....pretty excited

cyberguypr

Congrats bro. It does sound great.

colemic

Congrats on the job! Although I don't know if I could turn down the chance to say I worked for NASA.

NOC-Ninja

What degree and certs do you have?

NOC-Ninja

Nevermind bout the qs. I saw your post at the top.

phoeneous

Hasn't NASA been absolved?