24-109: Cloud Security Analyst
Colorado State University
Silver Spring, CO
Job posting number: #7244948
Posted: May 14, 2024
Application Deadline: Open Until Filled
Job Description
Description of Work UnitFounded in 1870, Colorado State University is among the nation’s leading research universities and enrolls approximately 32,000 undergraduate, graduate, and professional students. Located an hour north of the Denver metro area, Fort Collins is a vibrant community of approximately 157,000 residents that offers the convenience of a small town with all the amenities of a large city. Fort Collins is situated on the Front Range of the Rocky Mountains with views of 14,000 foot peaks, and offers access to numerous cultural, recreational, and outdoor opportunities.
The Cooperative Institute for Research in the Atmosphere (CIRA) at Colorado State University (CSU) is a multi-million dollar research organization located on CSU’s Foothills Campus in Fort Collins, Colorado. CIRA is a cooperative institute that is also a research department within CSU’s College of Engineering, in partnership with the Department of Atmospheric Science. Its vision is to conduct interdisciplinary research in the atmospheric sciences by entraining skills beyond the meteorological disciplines, exploiting advances in engineering and computer science, facilitating transitional activity between pure and applied research, leveraging both national and international resources and partnerships, and assisting the National Oceanic and Atmospheric Administration (NOAA) the National Weather Service (NWS), CSU, the State of Colorado, and the Nation through the application of our research to areas of societal benefit. The primary goal in the research partnership between CIRA and the NOAA/NWS Meteorological Development Laboratory (MDL) in Silver Spring, MD, is to keep abreast of advanced technology and apply it to CIRA and MDL in support of decision support tools and technologies. The partnership is focused upon providing technical expertise to MDL, providing a framework to foster innovation, science sharing, and development of new tools and services within the NWS with the goal of streamlining the transition of research to operations. The MDL develops and implements techniques that generate products and services that enhance the value of NWS forecast products. Prototyping of promising techniques is done to identify those best for implementation. Once developed and vigorously tested, these techniques are implemented in software on NWS operational platforms.
Position Summary
The Cooperative Institute for Research in the Atmosphere (CIRA) at Colorado State University (CSU) seeks to hire a full-time Cloud Security Analyst to provide security expertise to the Office of Science and Technology Integration (OSTI) of the National Weather Service (NWS), a line office of the National Oceanic and Atmospheric Administration (NOAA).
The primary goal in the research partnership between the NWS OSTI and CIRA has been to keep abreast of advanced technology and apply it to OSTI. This partnership is focused on providing technical expertise to OSTI. OSTI is responsible for developing and implementing scientific techniques into NWS operations to improve weather and environmental forecasts and services. OSTI provides support to NWS field forecast offices, National Centers for Environmental Prediction (NCEP), and external customers nationwide.
OSTI and CIRA have become cloud leaders within the NWS through the implementation of the Virtual Lab (VLab) Cloud. This partnership has focused on utilizing cloud technologies and tools, specifically Amazon Web Services (AWS), to solve development, testing, and training workflows for the STI Portfolio. These workflows focus on streamlining research to operations and include many aspects such as configuration management, development applications, and promoting DevOps. Research staff investigate these areas and prototype promising technologies. Within the VLab Cloud environment, OSTI and CIRA currently support a wide range of clients (e.g., AWIPS Program, Warning Decision Training Division, Operations Proving Ground, Storm Prediction Center, NCEP EMC, STI Modeling, etc.), where we provide onboarding, administration, operations, maintenance, security, and cost support.
The individual in this position will report to the VLab supervisory programmer/analyst and serve as a cloud security analyst on the VLab and VLab Cloud projects. Specifically, the individual in this position will work with NWS staff and contractors to:
Ensure that VLab services and projects running on the VLab Cloud Platform are in compliance with IT security best practices and government IT security regulations;
Help plan, explore, and implement IT security best practices that enable the NWS to transition from on-premise based security systems to Cloud-based systems;
Develop automation methods related to IT security and compliance reporting.
Assist with security event forensics and root-cause analyses.
This work will include participating in remote weekly development discussions, and periodic in-person meetings which may take place in Silver Spring, MD. We seek a highly motivated, goal-oriented individual, who loves technology and works well within a team as well as individually.
This position requires a NOAA Common Access Card (CAC) ID badge for computer access and is therefore open ONLY to citizens of the United States and lawful permanent residents in possession of a physical USCIS “Green Card.” This position is located in a federal facility in Silver Spring, MD and requires the ability to pass a National Agency Check with Inquiries (NACI) Tier 1 federal background check for building access. The office will be in Silver Spring; however, the option exists to work remotely from a home/office. Periodic, in-person coordination meetings in Silver Spring and other locations will be required, and travel to attend those meetings will be paid by the project. The individual in this position will be an employee of CIRA-CSU.
CSU recognizes the importance of supporting its employees as they balance their career, personal and family life, and that employees must be able to recharge, feel protected in their employment, and take the time they need to improve their overall productivity and health. Faculty, Administrative Professional, and other Non-Classified Staff are provided with paid and unpaid leave benefits to support them and their family and enhance financial security. Full time employees accrue 16 hours of paid annual leave and 10 hours of paid sick leave per month. Employees also receive paid time off for 11 legal holidays, jury duty, and bereavement leave. CSU retirement plans include a mandatory Defined Contribution Plan (DCP) and several voluntary plans (401(k), 403(b), and 457). CSU employees are required to contribute 8% of their salary to the DCP, but receive a generous 12% employer contribution. CSU’s Commitment to Campus offers employees a healthy work-life balance through a wide variety of programs, discounts, and special benefits. This includes Employee Study Privilege (nine free credits per year available through CSU, CSU Global, CSU Online Plus, and University of Northern Colorado), Family Tuition Scholarship Program (50% reduction in tuition), Discounted Veterinary Care, Wellness Membership Discounts, Volunteers in Public Schools Leave Program, Athletic Ticket Discounts, and much more! Visit hr.colostate.edu/current-employees/benefits to learn more about working at CSU. This information is a summary and is not all inclusive of benefits offered at CSU.
Required Job Qualifications
In your cover letter, please specifically address EACH required qualification as it relates to your experience. An application without a cover letter that addresses each of the required qualifications for this position will not be considered further.
Bachelor’s Degree in Computer Science or related technical field of study plus 5 years of practical experience in IT security OR Master’s Degree in Computer Science or related technical field of study plus 2 years of practical experience in IT security OR PhD in Computer Science or related technical field of study. In lieu of a degree, the search committee will accept candidates who possess at least 10 years of practical experience in IT / IT security AND in-depth knowledge of operational meteorology, NWS operations, AWIPS, and NWS users and partners.
Must be a citizen of the United States or Lawful Permanent Resident with a physical USCIS “Green Card.”
Ability to pass a National Agency Check with Inquiries (NACI) federal background check and receive a NOAA Common Access Card (CAC) ID badge.
Experience with one of the following cloud platforms: AWS, Google, or Microsoft Azure.
Experience analyzing projects and recommending/implementing IT security best practices.
Willingness to adhere to design, coding, and other project conventions.
Willingness to learn new skills for professional growth within the position.
High degree of initiative and excellent communication skills.
Must be reliable, self-motivated, and comfortable working in an agile and creative team environment.
Preferred Job Qualifications
In your cover letter, please specifically address the applicable preferred qualifications for this position. A cover letter that fails to address the preferred qualifications for this position will not be considered further after review by the search committee.
AWS Certified Security – Specialty certification.
Vendor-agnostic security certifications (such as CISSP).
Experience with the following AWS security services: Detective, GuardDuty, Trusted Advisor, Inspector, Secrets Manager, Security Hub, Shield, Firewall Manager, and WAF.
Experience with the following AWS services: Amazon FSx for Lustre, AWS CLI, AWS SDKs, CloudTrail, CloudWatch, Config, EBS, EC2, EC2 Image Builder, EFS, IAM, Lambda, S3, Systems Manager.
Familiarity with FISMA compliance and FIPS 800-53 security controls.
Experience with Linux system administration.
Experience with Kubernetes.
Experience with Infrastructure as Code (IaC) (Terraform and/or CloudFormation)
Experience with continuous integration (e.g. Jenkins).
Experience with code review.
Experience with the software development process.
Experience performing security event forensics and root-cause analyses.
Experience troubleshooting complicated technical issues.
Experience supporting and maintaining a highly-available system.
Experience handling multiple tasks and meeting project deadlines.
Experience coordinating projects or research between multiple groups or agencies.
Knowledge of operational meteorology, NWS operations, AWIPS, and NWS users and partners.