Information Systems Security Engineer

Job Description
BAE Systems is seeking a qualified engineer to lead a team with the responsibility of integrating security requirements and configurations into COTS and GOTS applications for our customer. The role of the engineer is not to be a SOC engineer or ISSO, but to work side-by-side with the hardware and software developers to ensure products fielded to our customers enterprise meet security requirements.

The successful candidate will be responsible for:
Hardening operating systems and applications
Monitoring the success of patching
Heightening Information security awareness of our engineering team
Ensure data provided is protected, accurate, and available when needed
Ensure effective access to information by authorized personnel
Identify of potential security vulnerabilities before they can cause a security-related
incident and during application development
Assist with Incident Management

Additional expectations:
a) Information security requirements are identified and established
b) Information security risks are identified and assessed
c) Assessment criteria for Information Security risks are identified
d) Information security risks measures are defined and applied
e) Information security concerns are communicated to stakeholders and intereseted parties
f) The impact of changes on Information Security are evaluated and reported
g) Assist with the System Assessment and Accredidation (SA&A) development to attain an Authority To Operate (ATO)
h) Assist with Plan Of Actions & Milestone development and mitigation
i) Work with engineers and software developers to integrate security into products and updates.
j) Work with engineers and software developers to apply security patches and updates.

Typical Education & Experience
Typically a Bachelor's Degree and 8 years work experience or equivalent experience

Required Skills and Education
Experience Planning and managing support for Service Asset and Configuration Management (SACM) tools and processes
Experience coordinating interfaces between SACM and other processes
Experience Defining the structure of the configuration management system, including CI types, naming conventions, required and optional attributes and relationships
Experience Performing configuration audits
Experience planning and coordinating all resources needed to build, test and deploy each release
Experience planning and managing support for release and deployment management tools and processes
Experience ensuring that change authorization is provided before any activity that requires this, for example before a release is checked in to the definitive media library (DML) and before it is deployed to a live environment
Experience coordinating interfaces between release and deployment management and other processes, especially change management, SACM, and service validation and testing
ITIL Certification

Preferred Skills and Education
CISSP
DOJ CSAM experience
Experience understanding Nessus reports and how to address the findings
Experience with Bigfix as a user, understanding reports, understanding the deployment tools
Experience understanding the DOJ SPDR and mitigating issues identified

About BAE Systems Intelligence & Security
BAE Systems Intelligence & Security, based in McLean, Virginia, designs and delivers advanced defense, intelligence, and security solutions that support the important missions of our customers. Our pride and dedication shows in everything we do-from intelligence analysis, cyber operations and IT expertise to systems development, systems integration, and operations and maintenance services. Knowing that our work enables the U.S. military and government to recognize, manage and defeat threats inspires us to push ourselves and our technologies to new levels. That's BAE Systems. That's Inspired Work. Equal Opportunity Employer/Females/Minorities/Veterans/Disabled/Sexual Orientation/Gender Identity/Gender Expression. To see Inspired Work in action, visit www.baesystems.com and follow us on Facebook: www.facebook.com/baesystemsintel.


Back to top