Cyber Security, Information Systems Security Manager (Issm)

BAE Systems Plc Huntsville , AL 35801

Posted 2 weeks ago

Job Description Jumpstart your career as a cybersecurity professional with BAE Systems, supporting and protecting information systems critical to national security at one of the leading companies in Aerospace and Defense. Develop your Information Assurance (IA) career through hands on application, work with seasoned professionals, and a training and development plan designed to grow your skills in a fast paced, team-based environment.

If you are looking to learn, influence, and help develop top cyber technologies, applications, and processes that protect and service our customers wherever they may be air, land, and sea come join our award-winning security family here at Electronic Systems (ES).

Responsible for supporting adherence to all aspects of a rigorous Risk Management Framework (RMF) compliance program as stipulated by NISPOM/DAAPM, JSIG, ICD 503, STIGs and associated NIST publications.

To obtain and maintain Authority to Operate (ATO) approvals for various systems by adhering to the Risk Management Framework (RMF). This position supports cybersecurity efforts throughout the RMF process for one or more assigned programs(s) to include the development and management of System Security documentation, Plans of Action and Milestones (POA&Ms), assessing and auditing systems security controls, and continuous monitoring of controls.

Because of the need for consistent, in-person collaboration and/or the requirement to perform all work onsite due to the nature of this particular role, it will be performed full-time on site. This means work will be conducted on location at a BAE Systems facility 100% of the time.

Required Education, Experience, & Skills

  • IAM Level II certification commensurate with DoD 8570.1M requirements

  • ISSM or relevant cybersecurity experience

  • High level of personal motivation and initiative to learn and acquire new skills, and adapt seamlessly to an ever-changing security environment

  • Customer focused, excellent communicator and ability to work with limited supervision.

  • Strong organizational skills

  • Able to interface with other IA team members, other security disciplines (industrial security, physical security, special programs security, etc.), program personnel and government security representatives.

  • Provide oversight for all classified systems compliance, and ensure the execution of our strong self-inspection program.

  • Ensure all security certification and accreditation documents in relation to all classified systems are up-to-date.

  • Ensure continuous monitoring (e.g. weekly, monthly, etc.) in accordance with cognizant security authority requirements are being implemented and met.

  • Coordinate security-related activities with information security architects, senior information security officers, information system owners, common control providers, system/network administrators, and information system security officers.

  • Experience with the development of core documentation including System Security Plans, Standard Operating Procedures, Plans of Actions and Milestones, Remediation Plans, and Configuration Management Plans.

  • Experience with the review and creation of mitigation reports from compliance and vulnerability scanning tools (e.g., Nessus, SCAP, ACAS, SCC).

  • Experience with auditing and certifying compliance of various systems (e.g., Windows, Linux, Network Devices, and peripherals).

  • Experience with development and delivery of IA-related briefings and training material.

  • Experience with compliance and vulnerability scanning tools (e.g., Nessus, SCAP, ACAS, SCC).

Preferred Education, Experience, & Skills

  • Run and maintain the entire information assurance program for more complex efforts or area.

  • Working knowledge of system functions, security policies, technical security safeguards, and operational security measures.

  • Translate operational requirements into technical requirements and architectures needed to meet program objectives.

  • Experience with conducting all aspects of a self-inspection.

  • Experience with periodic and on-demand system audits and vulnerability assessments; including user accounts, application access, file system, and integrity scans to determine compliance.

  • Prepare incident reports of analysis methodology and results.

  • Knowledge of new and emerging information technology (IT) and cybersecurity technologies.

  • Employ best practices when implementing security controls within an information system; to include, software engineering methodologies, system/security engineering principles, secure design, secure architecture, and secure coding techniques.

  • Ability to function as an integral part of the development team to include designing and developing organizational information systems or upgrading legacy systems.

About BAE Systems Electronic Systems BAE Systems, Inc. is the U.S. subsidiary of BAE Systems plc, an international defense, aerospace and security company which delivers a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. Improving the future and protecting lives is an ambitious mission, but it's what we do at BAE Systems. Working here means using your passion and ingenuity where it counts - defending national security with breakthrough technology, superior products, and intelligence solutions. As you develop the latest technology and defend national security, you will continually hone your skills on a team-making a big impact on a global scale. At BAE Systems, you'll find a rewarding career that truly makes a difference. Electronic Systems (ES) is the global innovator behind BAE Systems' game-changing defense and commercial electronics. Exploiting every electron, we push the limits of what is possible, giving our customers the edge and our employees opportunities to change the world. Our products and capabilities can be found everywhere - from the depths of the ocean to the far reaches of space. At our core are more than 14,000 highly talented Electronic Systems employees with the brightest minds in the industry, we make an impact - for our customers and the communities we serve.

Our Commitment to Diversity, Equity, and Inclusion:

At BAE Systems, we work hard every day to nurture an inclusive culture where employees are valued and feel like they belong. We are conscious of the need for all employees to see themselves reflected at every level of the company and know that in order to unlock the full potential of our workforce, everyone must feel confident being their best, most sincere self and be equipped to thrive. We provide impactful professional development experiences to our employees and invest in social impact partnerships to uplift communities and drive purposeful change. Here you will find significant opportunities to do meaningful work in an environment intentionally designed to be one where you will learn, grow and belong.

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Alternate Information Systems Security Manager (Issm) Huntsville AL

Raytheon Technologies Corp

Posted 1 week ago

VIEW JOBS 11/18/2022 12:00:00 AM 2023-02-16T00:00 <p>Date Posted:</p><p>2022-11-15-08:00</p><p>Country:</p><p>United States of America</p><p>Location:</p><p>AL200: 401 Jan Davis Drive Huntsville 401 Jan Davis Drive , Huntsville, AL, 35806 USA</p><p>Position Role Type:</p><p>Onsite</p><p>At Raytheon Missiles &amp; Defense, you have the opportunity to try new things and make a bigger difference across a broader end-to-end solution, a richer technology and product set, an expanded range of disciplines, a growing global footprint and a more diverse team of colleagues and customers.</p><p>Job Summary:</p><p>Our cybersecurity team in Huntsville, AL, is seeking an Alternate Information Systems Security Manager (ISSM) known as a Principal Specialist Cyber Security &amp; Risk Management Professional within RMD. Relocation support is available, see below for further details regarding what we offer.</p><p>The Alternate Information Systems Security Manager is responsible for compliance oversight, assessment, and operations of systems under their purview. They may be assigned to a single large-scale program or oversee multiple programs</p><p>Alt ISSMs conduct recurring Cybersecurity reviews on information systems in accordance with DoD Manuals, NIST Special Publications, customer directives, and company policies as applicable (see list below for further details).</p><p>You are responsible for the execution of the RMD Continuous Monitoring Plan as required by CA-2 Security Assessments. You'll serve as subject matter experts (SME) on a broad range of Cybersecurity topics. You may represent the Cybersecurity organization and business unit to external Cybersecurity counterparts. You are responsible for providing guidance and technical training to ISSOs across the organization.</p><p>There's no such thing as a perfect candidate, so don't hold back. Your qualifications could add tremendous value to our team. Our customers come from all different backgrounds, and so do our employees. If you're passionate about what you could accomplish here, we'd love to hear from you.</p><p>Responsibilities to Anticipate:</p><ul><li><p>Reviewing and approving (within authority) configuration management requests</p></li><li><p>Conducting technical and administrative assessments</p></li><li><p>Integrating new Cybersecurity processes, procedures and tools</p></li><li><p>Support ISSOs and Cybersecurity Managers in the creation, review and update of Cybersecurity documentation and other technical writing</p></li><li><p>Oversee ISSO's to ensure implementation of policies and procedures as outlined within the Cybersecurity artifacts and governing documentation</p></li></ul><p>Important note: Within six months of hire date, you must obtain and maintain a Security professional certification commensurate with IAM Level I certification (Security+ or other), if you do not already have this certification.</p><p>Qualifications You Must Have:</p><ul><li><p>Typically requires a Bachelor's Degree in either Computer Science, Information Systems Management, Information Technology, Criminal Justice, STEM, or Business and five (5) years of relevant experience, as described below. In absence of a degree, nine (9) relevant experience as described below.</p></li><li><p>An advanced degree in a related field may be substituted for 2 additional years of experience.</p></li><li><p>Five (5) years of experience with any combination of the following: cybersecurity, network security architecture, system hardening, auditing/compliance methods, Information Technology, and/or systems security engineering concepts such as topology, protocols, components, and/or principles (e.g., application of defense-in-depth).</p></li><li><p>Experience supporting cybersecurity compliance as stipulated by NISPOM/DAAPM, JSIG, ICD 503, STIGs and associated NIST publications</p></li><li><p>An active and in-scope Secret US security clearance</p></li></ul><p>Qualifications We Value:</p><ul><li><p>Experience working in DoD classified operating and/or laboratory environments</p></li><li><p>Experience with various information system security tools that address vulnerability analysis and mitigation. These may include Splunk, Forcepoint, Ivanti, Tenable, ACAS, HBSS, etc.</p></li><li><p>Familiarity with implementation of Government directives and policies derived from NIST, CNSSI, DoD, or other Government Regulatory compliance standards within a professional industry</p></li><li><p>Experience in the execution of the Assessment &amp; Authorization processes, as defined within the Risk Managed Framework (RMF)</p></li><li><p>Experience providing technical security consultation for complex, cross-domain, heterogeneous classified networked environments in collaboration with internal/external Customers, Information Technology (IT)</p></li><li><p>Familiarity with large multi-facility networks including diverse and complex components, including Windows and Linux environments</p></li><li><p>Experience interpreting, implementing, and assessing DISA STIGs.</p></li><li><p>Familiarity with the execution and management of cyber incident response; preservation, containment, and eradication</p></li></ul><p>The National Industrial Security Program Operating Manual (NISPOM), DoD Special Access Program (SAP) Security Manuals, Risk Management Framework (RMF), Intelligence Community Directive (ICD-503), Joint Special Access Program (SAP) Implementation Guide (JSIG), Defense Counterintelligence Security Agency (DCSA) Assessment and Authorization Process Manual (DAAPM), associated National Institute of Standards and Technology (NIST).</p><p>What We Offer:</p><p>Whether you're just starting out on your career journey or are an experienced professional, we offer a robust total rewards package that goes above and beyond with compensation; healthcare, wellness, retirement and work/life benefits; career development and recognition programs. Some of the superior benefits we offer include parental (including paternal) leave, flexible work schedules, achievement awards, educational assistance and child/adult backup care.</p><p>Employee Referral Award Eligibility: Only employees currently within RMD and RI&amp;S have the potential to receive a Referral Award for submitting a referral to RMD and RI&amp;S roles. ALL eligibility requirements must be met (see guidelines) to receive the Referral Awarding</p><p>Check us out on YouTube!</p><p></p><p>#LI-Onsite</p><p>Raytheon Technologies is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.</p><p>Privacy Policy and Terms:</p><p>Click on this link to read the Policy and Terms</p><br> Raytheon Technologies Corp Huntsville AL

Cyber Security, Information Systems Security Manager (Issm)

BAE Systems Plc