BAE Systems Plc Huntsville , AL 35801
Posted 2 weeks ago
Job Description Jumpstart your career as a cybersecurity professional with BAE Systems, supporting and protecting information systems critical to national security at one of the leading companies in Aerospace and Defense. Develop your Information Assurance (IA) career through hands on application, work with seasoned professionals, and a training and development plan designed to grow your skills in a fast paced, team-based environment.
If you are looking to learn, influence, and help develop top cyber technologies, applications, and processes that protect and service our customers wherever they may be air, land, and sea come join our award-winning security family here at Electronic Systems (ES).
Responsible for supporting adherence to all aspects of a rigorous Risk Management Framework (RMF) compliance program as stipulated by NISPOM/DAAPM, JSIG, ICD 503, STIGs and associated NIST publications.
To obtain and maintain Authority to Operate (ATO) approvals for various systems by adhering to the Risk Management Framework (RMF). This position supports cybersecurity efforts throughout the RMF process for one or more assigned programs(s) to include the development and management of System Security documentation, Plans of Action and Milestones (POA&Ms), assessing and auditing systems security controls, and continuous monitoring of controls.
Because of the need for consistent, in-person collaboration and/or the requirement to perform all work onsite due to the nature of this particular role, it will be performed full-time on site. This means work will be conducted on location at a BAE Systems facility 100% of the time.
Required Education, Experience, & Skills
IAM Level II certification commensurate with DoD 8570.1M requirements
ISSM or relevant cybersecurity experience
High level of personal motivation and initiative to learn and acquire new skills, and adapt seamlessly to an ever-changing security environment
Customer focused, excellent communicator and ability to work with limited supervision.
Strong organizational skills
Able to interface with other IA team members, other security disciplines (industrial security, physical security, special programs security, etc.), program personnel and government security representatives.
Provide oversight for all classified systems compliance, and ensure the execution of our strong self-inspection program.
Ensure all security certification and accreditation documents in relation to all classified systems are up-to-date.
Ensure continuous monitoring (e.g. weekly, monthly, etc.) in accordance with cognizant security authority requirements are being implemented and met.
Coordinate security-related activities with information security architects, senior information security officers, information system owners, common control providers, system/network administrators, and information system security officers.
Experience with the development of core documentation including System Security Plans, Standard Operating Procedures, Plans of Actions and Milestones, Remediation Plans, and Configuration Management Plans.
Experience with the review and creation of mitigation reports from compliance and vulnerability scanning tools (e.g., Nessus, SCAP, ACAS, SCC).
Experience with auditing and certifying compliance of various systems (e.g., Windows, Linux, Network Devices, and peripherals).
Experience with development and delivery of IA-related briefings and training material.
Experience with compliance and vulnerability scanning tools (e.g., Nessus, SCAP, ACAS, SCC).
Preferred Education, Experience, & Skills
Run and maintain the entire information assurance program for more complex efforts or area.
Working knowledge of system functions, security policies, technical security safeguards, and operational security measures.
Translate operational requirements into technical requirements and architectures needed to meet program objectives.
Experience with conducting all aspects of a self-inspection.
Experience with periodic and on-demand system audits and vulnerability assessments; including user accounts, application access, file system, and integrity scans to determine compliance.
Prepare incident reports of analysis methodology and results.
Knowledge of new and emerging information technology (IT) and cybersecurity technologies.
Employ best practices when implementing security controls within an information system; to include, software engineering methodologies, system/security engineering principles, secure design, secure architecture, and secure coding techniques.
Ability to function as an integral part of the development team to include designing and developing organizational information systems or upgrading legacy systems.
About BAE Systems Electronic Systems BAE Systems, Inc. is the U.S. subsidiary of BAE Systems plc, an international defense, aerospace and security company which delivers a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. Improving the future and protecting lives is an ambitious mission, but it's what we do at BAE Systems. Working here means using your passion and ingenuity where it counts - defending national security with breakthrough technology, superior products, and intelligence solutions. As you develop the latest technology and defend national security, you will continually hone your skills on a team-making a big impact on a global scale. At BAE Systems, you'll find a rewarding career that truly makes a difference. Electronic Systems (ES) is the global innovator behind BAE Systems' game-changing defense and commercial electronics. Exploiting every electron, we push the limits of what is possible, giving our customers the edge and our employees opportunities to change the world. Our products and capabilities can be found everywhere - from the depths of the ocean to the far reaches of space. At our core are more than 14,000 highly talented Electronic Systems employees with the brightest minds in the industry, we make an impact - for our customers and the communities we serve.
Our Commitment to Diversity, Equity, and Inclusion:
At BAE Systems, we work hard every day to nurture an inclusive culture where employees are valued and feel like they belong. We are conscious of the need for all employees to see themselves reflected at every level of the company and know that in order to unlock the full potential of our workforce, everyone must feel confident being their best, most sincere self and be equipped to thrive. We provide impactful professional development experiences to our employees and invest in social impact partnerships to uplift communities and drive purposeful change. Here you will find significant opportunities to do meaningful work in an environment intentionally designed to be one where you will learn, grow and belong.
BAE Systems Plc