BAE Systems is offering an exciting opportunity to support an important and dynamic Department of Justice customer supporting a highly capable and diverse team driving technical innovation. Our Quantico VA based customer requires commercially available information technology, engineering services, cybersecurity services and service desk technical support with a range of knowledge and experience.
Functional Responsibilities:
Candidate is to have senior level capabilities regarding information system security, to include being knowledgeable of current Information Assurance (IA) technologies to the architecture, design, development, evaluation, and integration of applications, systems, and networks to maintain the system security posture. Lastly the candidate is expected to develop compliancy and standardization with the policies regarding various information systems. Employee will work closely with customers to ensure the confidentiality, integrity, and availability of systems, applications, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs; infrastructure; application; Security Assessment and Authorization (SAA), IA policy directives (PD) and guides (PG); and IA Security tools (e.g., Tenable.io, Nessus Pro, NMap, etc.)
- Must have excellent verbal and written communication skills to be able to accurately relate requirements and document requirements within the appropriate security document and/or within the RMF system and coordinate with the program, other systems, and security personnel.
- Prepare documentation from templates such as, but not limited to, Configuration Management Plan (CMP), Incident Response Plan (IRP), Information System Contingency Plan (ISCP), and Plan of Action and Milestones (POA&M) to ensure compliance with customer PDs and PGs and Federal IA requirements as well as coordinate review(s) and approvals.
- Must be able to discern the program policies and procedures, identify areas that need work and notify management of possible resolutions.
- Identify IA vulnerabilities and coordinate with the Infrastructure and Development teams to correct, mitigate, or apply for an exception via the POA&M processes.
- Review vulnerability (i.e., patches, updates, etc.) and compliance (i.e., Security Content Automation Protocol (SCAP) and/or Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG)) scans on the infrastructure and applications to ensure patch and configuration compliance (on-premises and in the cloud).
- Prepare SAA package(s) to obtain and maintain an authority-to-operate (ATO), authority-to-test (ATT), or other SAA authority types for all systems and applications.
- Attend Configuration Control Board (CCB) meetings if needed and review all change requests for impact to the system/application security posture(s) and applicable Federal and customer PD and PG compliance requirements, and document decisions within the CMP.
- Coordinate security incident and high-priority compliance responses with the customer Enterprise Security Operations Center (ESOC).
- Represent program security interests in various meetings within and outside of the program.
- Schedule and conduct meetings with pertinent program personnel to address findings to determine the appropriate path forward and document within the CMP and, if necessary, POA&M.
- Coordinates with other systems Information System Security Officers (ISSO) to ensure that their requirements for interconnection, policy, and procedures are met and all documentation is provided and updated as necessary.
- Ability to assess current and evolving security threats in an operational environment.
- With an appropriate amount of Government PM guidance, works independently to carry out all requirements as directed by the Government PM, Information System Security Representative, Information System Security Manager, and Authorizing Official in a timely manner.
Bachelor of Science (B.S.) Degree in Computer Security or related field of study; (ISC)2 Information Security Certification(s) (e.g., CISSP, CAP, etc.); or in lieu of education, an additional five (5) years of relevant experience that addresses all requirements of the position. About BAE Systems Intelligence & SecurityBAE Systems, Inc. is the U.S. subsidiary of BAE Systems plc, an international defense, aerospace and security company which delivers a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. Improving the future and protecting lives is an ambitious mission, but it’s what we do at BAE Systems. Working here means using your passion and ingenuity where it counts – defending national security with breakthrough technology, superior products, and intelligence solutions. As you develop the latest technology and defend national security, you will continually hone your skills on a team—making a big impact on a global scale. At BAE Systems, you’ll find a rewarding career that truly makes a difference.
Intelligence & Security (I&S), based in McLean, Virginia, designs and delivers advanced defense, intelligence, and security solutions that support the important missions of our customers. Our pride and dedication shows in everything we do—from intelligence analysis, cyber operations and IT expertise to systems development, systems integration, and operations and maintenance services. Knowing that our work enables the U.S. military and government to recognize, manage and defeat threats inspires us to push ourselves and our technologies to new levels.
Our Commitment to Diversity, Equity, and Inclusion:
At BAE Systems, we work hard every day to nurture an inclusive culture where employees are valued and feel like they belong. We are conscious of the need for all employees to see themselves reflected at every level of the company and know that in order to unlock the full potential of our workforce, everyone must feel confident being their best, most sincere self and be equipped to thrive. We provide impactful professional development experiences to our employees and invest in social impact partnerships to uplift communities and drive purposeful change. Here you will find significant opportunities to do meaningful work in an environment intentionally designed to be one where you will learn, grow and belong.
Working Experience: Splunk and Tenable, reading technical and network diagrams, dataflows, creating workflows.
Authorizations Experience: Experience with the process of obtaining and maintaining Authorization to Operate (ATO) is preferred.
Subject Matter Expertise: Demonstrated expertise in information systems security, with a strong technical background and a comprehensive understanding of security protocols and practices.
Longevity and Commitment: Seeking a candidate who is committed to long-term career growth and stability within the organization.
Technical Proficiency: Advanced knowledge beyond operations and maintenance, including a solid background in network security and familiarity with technical aspects such as basic coding and scripting.
Adaptability and Innovation: Ability to think fluidly and adapt to evolving technical challenges, with a proactive approach to learning and problem-solving.
Team Collaboration: Proven experience in working collaboratively within a team environment, contributing to collective goals and initiatives.
I
nvestment in Role: Demonstrated dedication and investment in the responsibilities and growth associated with the role.
Benefits InformationEmployee Benefits: At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being. Regular employees scheduled to work 20+ hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and accident insurance. We also have an employee assistance program, a legal plan, and other perks including discounts on things like home, auto, and pet insurance. Our leave programs include paid time off, paid holidays, as well as other types of leave, including paid parental, military, bereavement, and any applicable federal and state sick leave. Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards. Other incentives may be available based on position level and/or job specifics.
Intern Benefits: Temporary employees generally are not eligible for BAE Systems benefits, but can elect to participate in the 401(k) savings plan. Temporary employees working 20+ hours per week are eligible for medical benefits, the employee assistance program, and business travel accident insurance.
Please note: Some benefits may be different for union employees that are governed by a collective bargaining agreement (CBA) or for positions covered by a wage law called the McNamara-O’Hara Service Contract Act (SCA).