Cyber Security Engineer - Mid Level

Job Description
See what you're missing. Our employees work on the world's most advanced electronics - from detecting threats for F-35 pilots to illuminating the night for soldiers. Spanning air, land, sea, and space, we are developing the technology of tomorrow, delivered today. Drawing strength from our differences, we're innovating for the future. And you can, too. Our flexible work environment provides you a chance to change the world without giving up your personal life. We put our customers first - exemplified by our mission: "We Protect Those Who Protect Us®." Sound like a team you want to be a part of? Come build your career with BAE Systems.

In Command, Control, Communications, Computers, Intelligence, Surveillance, and Reconnaissance (C4ISR) solutions, you'll help develop systems that sense, control, exploit and disseminate actionable information to warfighters supporting a variety of missions.

Job Description:

BAE Systems is looking for a Cybersecurity/Information Assurance Engineer. The qualified candidate will be working on the security engineering team supporting engineering activities in a rapid development environment to support the specification, development, and application of computer security technologies, cybersecurity and information assurance management techniques to DoD and Intelligence Community systems.

Keywords: Cyber, security, vulnerability, STIG, RMF, Risk Management Framework, A&A, Assessment and Authorization

Tasks may include:

- Analyzing system requirements and architecture to assess risks, threats and vulnerabilities of the product in accordance with accepted industry, professional, and government standards to ensure security design integrity, availability, confidentiality, and regulatory compliance
- Supporting Assessment and Authorization (A&A) activities for DoD and Intelligence Systems in accordance with Risk Management Framework and ICD-503 guidelines
- Working with the Infrastructure and Engineering Staff to incorporate tools and best practices that ensure control requirements are addressed to promote a robust security posture for the communications aspects of applications in both a private on premises data centers and public cloud offerings
- Supporting the secure design, architecture, installation, configuration, hardening, and remediation for software applications to protect organizations' sensitive information for On-Prem and Cloud environments.
- Supporting the development of system security plans including, security concepts of operation, risk management matrix, security control traceability matrix, security test procedures, and plan of action and milestones
- Supporting vulnerability scans, static code scans and dynamic code scans to detect software vulnerabilities.
- Assisting in establishing and implementing a Continuous Diagnostics and Mitigation (CDM) capability within application environments to ensure integrated security controls for the System of Systems (SoS)
- Conducting vulnerability assessments to validate system compliance with DISA Security Technical Information Guidelines (STIGS)
- Supporting security test events to achieve accreditation milestones

This position may require business travel to customer locations in support of product demonstrations, software installation, and system testing.

Typical Education & Experience
Typically a Bachelor's Degree and 2 years work experience or equivalent experience

Required Skills and Education
Required Education:
- Bachelor of Science degree in engineering/technical discipline, and 5+ year(s) related experience or equivalent experience, training and/or certifications

Required Skills:
- CompTIA Security+ certification or equivalent certification
- Understanding of national Cybersecurity policies, IA standard security principles, standards and industry best practices
- Experience in vulnerability assessment, control allocation, and risk mitigation
- Experience in DoD or Intelligence Community A&A processes, procedures, and artifacts
- Experience with DISA STIGs and/or IAVA compliance hardening
- Experience with traditional A&A tools: ACAS Nessus, HBSS, Xacta, eMASS, STIG Viewer
- Ability to assist with other traditional systems engineering tasks such as CONOPS, requirements, and system level testing
- Technical documentation development
- Team player with a proactive attitude and the ability to be productive in a dynamic/collaborative environment
- Strong oral and written communications skills
- Motivated self-starter with good problem solving skills, judgment, and analytical capability
- US Citizenship and ability to be granted a security clearance by the Federal Government

Preferred Skills and Education
- ISC2 CISSP certification or equivalent certification
- Experience with static and dynamic code analyzers
- Understanding of offensive security principles
- Leadership and mentoring skills
- Planning and organization skills

About BAE Systems Electronic Systems
BAE Systems Electronic Systems is the global innovator behind game-changing defense and commercial electronics. Exploiting every electron, we push the limits of what is possible, giving our customers the edge and our employees opportunities to change the world. Our products and capabilities can be found everywhere - from the depths of the ocean to the far reaches of space. At our core are more than 14,000 highly talented Electronic Systems employees with the brightest minds in the industry, we make an impact - for our customers and the communities we serve.


Back to top