Director, Cybersecurity Strategy and Assurance & Deputy CISO

Job Description

BAE Systems is searching for a Cybersecurity Strategy and Assurance Director & Deputy CISO for our Reston, VA location. This position serves as deputy to the Vice President, Cybersecurity/Global Chief Information Security Officer. Provides cybersecurity governance and assurance; develops and implements strategy, policy and standards; develops and implements cybersecurity interventions/responses in coordination with our Operations cybersecurity elements. Represents BAE externally to U.S. Government and industry on issues related to cybersecurity strategy, policy and assurance.

Provide support to CISO to develop and implement cybersecurity strategy, policy, risk threat assessments and incident response. Respond proactively to cybersecurity incidents -- ensure the best possible outcomes for the Company and ensuring, where required, that effective remediation and risk mitigation is implemented.

Deliver a robust risk management approach to ensure that critical information and infrastructure is identified by the businesses and that effective cybersecurity mitigation and risk reduction strategies are in place. Manage and continually improve an assurance program covering legal, regulatory and company mandates to ensure that BAE Systems Inc. is aware and responding to existing and emerging compliance requirements. This involves conducting a planned program of compliance/assurance reviews each year to ensure policy and standards of cybersecurity are being met by the businesses and key IT service providers.

Ensure that cyber security and insider threats are recognized across the business and defended against. Provide cybersecurity advice to businesses, programs and campaigns. Provide reporting on cybersecurity matters and related performance to corporate leadership.

Represent the Company at both US Government-level and across the Defense Sector through participating and leading relevant Industry, trade association and customer cybersecurity forums. Effectively implement corporate cybersecurity strategy and deploy throughout BAE.

Assess the most cost effective and technically sufficient cybersecurity solutions among competing options that mitigate key corporate risks.

Full management of a team, including management of people, defining roles and responsibility and planning for the department's future needs.

Project /Program Manager on large, complex projects ($25M + budgets), responsible for oversight of team and budget. Generally completed in 1 to 2 years. Manage cybersecurity annual budget, and personnel charging against that budget, to meet corporate objectives; continually determining prioritized company actions based on risk, available resources and schedule commitments.

Typical Education & Experience
Typically a Bachelor's Degree and 12 years work experience or equivalent experience

Required Skills and Education

Requires advanced conceptual thinking in complex/and or completely new situation. Conceive and implement corporate crisis response actions during complex cyber- attack situations, often with conflicting information, that protect the corporation from adverse legal and reputational consequences.

Experience developing corporate cybersecurity strategy that mitigates risks for a complex, international business with global national security customers that advantages company's competitive position.

Executive-level verbal and written communications skills that can synthesize key technical issues into concise points which drive time-sensitive decision making.

Ability to influence business sectors' cybersecurity priorities and assess their compliance of corporate and US Government regulatory standards; analyze the results and identify corrections for line leaders to enact in timely manner even though competing with other business activity.

Experience managing a cybersecurity annual budget and personnel to meet corporate objectives.

Currently possess US Government Top Secret clearance with eligibility for SCI.

Preferred Skills and Education

Minimum of 15 years of experience in government/industry organizational risk management, cyber security or IT security engineering.

Master's in a technical/business related degree.

Professional certifications desired: CISSP.

About BAE Systems, Inc.
BAE Systems is a premier global defense and security company with approximately 90,000 employees delivering a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support and services. People are the greatest asset in any Company. BAE Systems is committed to hiring and retaining a diverse workforce. Equal Opportunity Employer/Females/Minorities/Veterans/Disabled/Sexual Orientation/Gender Identity/Gender Expression

Back to top