View Our Website View All Jobs

Authentication Security Engineer

Currently, we’ve implemented two-factor authentication for selected applications, with approximately 50 active tokens. In 2015, we’ll implement these additional capabilities:

Two-factor authentication for VPN access, serving roughly 500 people: Cisco ASA, used in two modes – with the AnyConnect client from STScI laptops, or a VPN portal page for clientless access
Two-factor authentication for an SSH bastion host
Two-factor authentication for privileged accounts, as directed by NASA, referencing NIST SP 800-53 rev 4, IA-2 (1): “The information system implements multifactor authentication for network access to privileged accounts.”

 

Objectives

 

We need to make sure our RSA environment can accommodate our expanded use, and we need to make sure we can manage the environment effectively.

The deliverables will be:

Upgraded software, to the latest stable version
An assessment report that includes:

A review of the current configuration, including diagrams and a technical description
Recommendations on how to improve the configuration in support of  planned use for two-factor authentication
Recommendations on how to establish or improve current processes for managing the RSA environment

A follow-up meeting for discussing the observations and recommendations of the assessment report with designated staff

Read More

Apply for this position

Required*
Apply with
Attach resume as .pdf, .doc, or .docx (limit 2MB) or Paste resume

Paste your resume here or Attach resume file

150