BAE Systems is looking for a talented Cybersecurity Engineer to support the development and delivery of a System of Systems wargaming tool. The Cybersecurity Engineer will be responsible for:
- Supporting adherence to all aspects of a rigorous Risk Management Framework (RMF) compliance program as stipulated by NISPOM/DAAPM, JSIG, ICD 503, STIGs and associated NIST publications
- Work closely with the development and integration teams to ensure stability and hardening of the system throughout the development and production lifecycle
- Achieve and maintain Authority to Operate approvals on NIPR and SIPR for various systems by adhering to the RMF
- Enforcement of System Security Plans, Plans of Action and Milestones (POA&Ms), assessing and auditing systems security controls.
- Developing and maintaining all security documentation to include the System Security Plan, Security Controls Tractability Matrix, POA&Ms, STIG Compliance Assessments, and any other security related documentation.
Will be responsible for the following CDRLS:
- A023 – System Security Plan (SSP)
- A024 - Security Controls Traceability Matrix (SCTM)
- A025 - Security Assessment Plan
- A026 - Accreditation Boundary
- A027 - Ports, Protocols, and Services (PPS)
- A030 - Security Technical Implementation Guide (STIG) Compliance Assessment
- A031 - Secure Code Training Artifacts
- A032 - Source Code Review Raw Data Files
- A033 - Security Source Code
- A034 - Vulnerability Scan Results
- A035 - Cyber Plan of Actions and Milestones (POA&M)
Work Location:
- Duties expected to be performed at the BAE Systems Facility known as Dulles North located in Sterling, Virginia. Support may also be required at the customer facility located in Quantico Virginia.
- Alternate work locations must be agreed to in writing by BAE Systems at time of hire and is subject to change due to contract requirements.
- IAM Level I certification commensurate with DoD 8570.1M requirements (or ability to obtain certification within 6 months)
- Experience with the Risk Management Framework and achieving an ATO on NIPR and SIPR
- Experience with vulnerability scanning solutions
- High level of personal motivation and initiative to learn and acquire new skills, and adapt seamlessly to an ever-changing security environment
- Customer focused excellent communicator and ability to work with limited supervision.
- Strong organizational skills
About BAE Systems Intelligence & SecurityBAE Systems, Inc. is the U.S. subsidiary of BAE Systems plc, an international defense, aerospace and security company which delivers a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. Improving the future and protecting lives is an ambitious mission, but it’s what we do at BAE Systems. Working here means using your passion and ingenuity where it counts – defending national security with breakthrough technology, superior products, and intelligence solutions. As you develop the latest technology and defend national security, you will continually hone your skills on a team—making a big impact on a global scale. At BAE Systems, you’ll find a rewarding career that truly makes a difference.
Intelligence & Security (I&S), based in McLean, Virginia, designs and delivers advanced defense, intelligence, and security solutions that support the important missions of our customers. Our pride and dedication shows in everything we do—from intelligence analysis, cyber operations and IT expertise to systems development, systems integration, and operations and maintenance services. Knowing that our work enables the U.S. military and government to recognize, manage and defeat threats inspires us to push ourselves and our technologies to new levels.
Our Commitment to Diversity, Equity, and Inclusion:
At BAE Systems, we work hard every day to nurture an inclusive culture where employees are valued and feel like they belong. We are conscious of the need for all employees to see themselves reflected at every level of the company and know that in order to unlock the full potential of our workforce, everyone must feel confident being their best, most sincere self and be equipped to thrive. We provide impactful professional development experiences to our employees and invest in social impact partnerships to uplift communities and drive purposeful change. Here you will find significant opportunities to do meaningful work in an environment intentionally designed to be one where you will learn, grow and belong.
- Security Incident Handling & Response
- SIEM Management
- Audit & Compliance
- Analytics & Intelligence
- Firewall/IDS/IPS Skills
- Intrusion Detection
- Application Security Development
- Advanced Malware Prevention
- Data Management Protection
- Digital Forensics
- Identity & Access Management
- CISSP, CASP, or CISA Certification
- Working knowledge of cloud security (i.e., AWS or Azure), DevSecOps, operating systems (Windows and Linux), web security, DoD HBSS security services, and micro services.
Benefits InformationEmployee Benefits: At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being. Regular employees scheduled to work 20+ hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and accident insurance. We also have an employee assistance program, a legal plan, and other perks including discounts on things like home, auto, and pet insurance. Our leave programs include paid time off, paid holidays, as well as other types of leave, including paid parental, military, bereavement, and any applicable federal and state sick leave. Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards. Other incentives may be available based on position level and/or job specifics.
Intern Benefits: Temporary employees generally are not eligible for BAE Systems benefits, but can elect to participate in the 401(k) savings plan. Temporary employees working 20+ hours per week are eligible for medical benefits, the employee assistance program, and business travel accident insurance.
Please note: Some benefits may be different for union employees that are governed by a collective bargaining agreement (CBA) or for positions covered by a wage law called the McNamara-O’Hara Service Contract Act (SCA).