Cyber Anst Prin

BAE Systems • Hill AFB, Utah, United States • 1w ago

BAE Systems is seeking an exceptional, Principle Cybersecurity Analyst for an exciting opportunity to support the Air Force (AF) acquisition of the next generation Intercontinental Ballistic Missile (ICBM).

Why BAE Systems? BAE Systems is the third largest defense contractor in the world with an exceptional, mission-focused culture. The 1200+ BAE Systems employees and sub-contractors located at Hill AF Base, UT are closely aligned to the US AF Nuclear Weapons Center. We support the Center in sustaining the existing LGM-30 Minuteman III (MMIII) weapon system and acquiring its replacement, the LGM-35A Sentinel. We are a uniquely-valued mission partner delivering daily technical excellence and innovative solutions to our government customers. BAE Systems has earned accolades as a “Top Workplace” in UT based on employee feedback for 3 consecutive years, earning special distinction for providing a healthy work-life balance for our valued employees. We work very hard to ensure this is a great place to work!

Why Utah? You’ve got to see it to believe it! UT is an amazing state with diverse geography, an eclectic culture and an exceptional quality of life. We're north of Salt Lake City (SLC) at the foot of the beautiful Wasatch Mountains. The area offers an incredible range of outdoors pursuits across the seasons including hiking, climbing, hunting, fishing, camping, boating and world-class skiing at resorts that hosted the 2002 Winter Olympics. The state is home to 5 amazing National Parks and an easy drive from two more; Grand Teton and, famously, the 1st National Park in the world, Yellowstone. The SLC area offers a vast array of cultural activities and businesses including multiple professional sports teams. It is a western states hub for exceptional, cutting-edge medical care with people traveling from across the region for a range of nationally renowned specialty care centers and doctors. The SLC International Airport is expanding and offers easy, direct access to just about anywhere you want to fly.

Why Sentinel? The Sentinel Program (formerly Ground Based Strategic Deterrent) is an enormous and complex “Mega-Project” modernizing the entire ICBM weapon system deployed across tens of thousands of square miles in five states. Without any doubt, Sentinel is one of the DoD’s most important acquisition efforts for the next decade, if not longer. It includes a complete refurbishment of hundreds of aging MMIII ICBM facilities to secure and support a newly designed, technologically advanced ballistic missile. It will also provide an entirely new command and control system as well as vast array of required support equipment specifically engineered to operate and sustain the new weapon system over the decades ahead. It enjoys broad, strong support at the national level. It's a long-term project--the weapon system will remain operational until at least 2075. Sentinel is a career-defining program that will present unique and challenging opportunities that simply are not available with smaller projects.

This position works with the Information System Security Manager (ISSM), System Program Managers (PM), and Authorizing Official (AO) representatives providing cybersecurity analytical services and/or products to ensure the development and operation of safe, secure, and effective systems as part of the deployed ICBM weapon system. The cybersecurity analyst will support the program office to conduct accurate systems and cyber threat analysis associated with a wide range of information technology, data systems, software, and operational technology required for the functional performance and cyber defense capabilities of the weapon system. They will also support system design to enable the issuance and maintenance of multiple Authority to Operate (ATO) approvals for various ICBM weapon subsystems and supporting IT systems by adhering to the Risk Management Framework (RMF). This includes system categorization and control identification, implementation, and assessment. This position is responsible for cybersecurity efforts throughout the RMF for one or more assigned programs(s) to include the development and analysis of System Security Plans, resolution of Plans of Action and Milestones (POA&Ms), review of system audits, and monitoring of corrective actions. This position provides the opportunity to develop and hone communication, customer relationship, and leadership skills while working with a close-knit fun-loving team of other cybersecurity professionals.

The successful candidate will be energetic, self-motivated, and have the ability to adapt to a fast-paced environment with the desire to make a difference. Knowledge and experience working with the DoD’s Cybersecurity practices, processes and applying the RMF is required.

The specific responsibilities of this position include, but are not limited to:

Serves as a cybersecurity analyst to provide technical consult to the weapon system ISSM, AO, PM, Information System Owner (ISO) and the various weapon system product design teams.
Support the Program Office to prioritize cyber threats and advise of protective mitigations/solutions
Conduct offensive architecture analysis and design of defense-in-depth solutions
Coordinate and negotiate with customers AOs and system development teams
Perform analysis and evaluation to design, implement, test and field secure systems, networks, and architectures
Lead the development of system security plans including, security concepts of operation (SECONOP), risk management matrix, security control traceability matrix, security test procedures, and plan of action and milestones
Analyze vulnerability assessments to validate system compliance with cyber requirements, RMF controls, and DISA Security Technical Information Guidelines (STIGS)
Advise and participate with security test event teams to achieve cyber requirement validation and verification for system accreditation milestones
Verify and validate vulnerability resolutions and/or mitigations
Analyze static code scans and dynamic code scans to detect software vulnerabilities
Review all technical changes to determine security relevance
Advise and develop program technical publications such as Systems Engineering Plans (SEP), Technical Plans, Analyses and Reports, Risk Assessments, SECONOP, Program Protection Plan, Anti-Tamper Plan, Cybersecurity Strategy, Technology Development Strategies, Test Plans, procedures, reports, System Security Plans and related documentation
Support proposal activities, developing innovative cyber solutions and developing accurate cost estimates

#ASFS

7 years of progressive technical experience in cybersecurity or IT ; or 5 years with Master of Science Degree in a Computer/Electrical Engineering, Cybersecurity or Information Systems related field of study.
Able to obtain a U.S. Government Top Secret/SCI security clearance.
At least 5 years progressive responsibility in providing technical guidance to leadership.
Previous experience as an ISSO using the RMF (or DIACAP)
DoD 8570 IAT level 2 compliance or higher certification required (Security +, CCNA-Security, GICSP, GSEC, or SSCP) or ability to obtain such within 6 months of being hired
Experience or knowledge of cybersecurity, networks, system components, system protocols, COTS technology, and software development
Experience developing external customer relationships and ability to communicate cybersecurity concepts and requirements with senior leaders
Effective organizational, time management, and communications skills (written and verbal)
Able to work independently, demonstrate strong initiative, and organize daily tasks with minimal supervision
Strong communication skills (oral and written) commensurate with expected mid- to senior-level civilian and military participants from various U.S. Government agencies

About BAE Systems Intelligence & Security
BAE Systems, Inc. is the U.S. subsidiary of BAE Systems plc, an international defense, aerospace and security company which delivers a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. Improving the future and protecting lives is an ambitious mission, but it’s what we do at BAE Systems. Working here means using your passion and ingenuity where it counts – defending national security with breakthrough technology, superior products, and intelligence solutions. As you develop the latest technology and defend national security, you will continually hone your skills on a team—making a big impact on a global scale. At BAE Systems, you’ll find a rewarding career that truly makes a difference.

Intelligence & Security (I&S), based in McLean, Virginia, designs and delivers advanced defense, intelligence, and security solutions that support the important missions of our customers. Our pride and dedication shows in everything we do—from intelligence analysis, cyber operations and IT expertise to systems development, systems integration, and operations and maintenance services. Knowing that our work enables the U.S. military and government to recognize, manage and defeat threats inspires us to push ourselves and our technologies to new levels.

Our Commitment to Diversity, Equity, and Inclusion:
At BAE Systems, we work hard every day to nurture an inclusive culture where employees are valued and feel like they belong. We are conscious of the need for all employees to see themselves reflected at every level of the company and know that in order to unlock the full potential of our workforce, everyone must feel confident being their best, most sincere self and be equipped to thrive. We provide impactful professional development experiences to our employees and invest in social impact partnerships to uplift communities and drive purposeful change. Here you will find significant opportunities to do meaningful work in an environment intentionally designed to be one where you will learn, grow and belong.

Knowledge and/or experience with government acquisition program and involved with System Security Engineering and or Program Protection methodologies and practices.
Experience with Cyber Threat Intelligence review and analysis supporting program risks.
Conducting Cyber threat table tops events with cyber red/blue team engagement on system penetration and mitigation tactics, techniques, and protocols (TTPs).
DoD 8570 IAT level 3, IAM level 2 or IASAE level 2+ certification (CISSP-ISSAP/ISSEP, CCSP), or equivalent.
Software security analysis: DevSecOps pipeline development and execution
Hybrid cloud based architecture and security engineering (containerization and orchestration of security functions and services across on prem and cloud architectures)
Operational technology and embedded systems security related configurations and cyber testing/risk assessments (SCADA, Industrial Control Systems, and/or Real-Time OS)

Benefits Information
Employee Benefits: At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being. Regular employees scheduled to work 20+ hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and accident insurance. We also have an employee assistance program, a legal plan, and other perks including discounts on things like home, auto, and pet insurance. Our leave programs include paid time off, paid holidays, as well as other types of leave, including paid parental, military, bereavement, and any applicable federal and state sick leave. Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards. Other incentives may be available based on position level and/or job specifics.

Intern Benefits: Temporary employees generally are not eligible for BAE Systems benefits, but can elect to participate in the 401(k) savings plan. Temporary employees working 20+ hours per week are eligible for medical benefits, the employee assistance program, and business travel accident insurance.

Please note: Some benefits may be different for union employees that are governed by a collective bargaining agreement (CBA) or for positions covered by a wage law called the McNamara-O’Hara Service Contract Act (SCA).