Information Systems Security Engineer
- Springfield, VA
BAE Systems is seeking a versatile, hands-on Information Systems Security Engineer (ISSE) responsible for evaluating, developing, implementing, acquiring and maintaining information systems assessments and authorizations (A&A) in accordance with ICD 503 and NIST SP 800-53 procedures. The selected applicant will address system security requirements in support of the customer's independent verification and validation test environments. This includes, but is not limited to, the application of security hardening protocols to operating systems and service applications and the comprehensive documentation required to achieve Authority to Operate (ATO).
Required Skills and Education
- Applying information processing system security controls in accordance with NIST SP 800-53 and NIST SP 800-53A.
- Apply working knowledge and practical experience of Risk Management Frame work in accordance with NIST SP 800-73
- Interpret, apply and acquire Interim Authority to Test (IATT) and Authority to Operate (ATO) in accordance with the ICD 503 and the Assessment and Authorization (A&A) process.
- Implement a Continuous Monitoring strategy (per ICD 503) appropriate for systems, leveraging existing tools, efforts and incorporating new automation techniques.
- Support the preparation of the Security Assessment Report (SAR), Develop security test plans, Execute and assess the security controls within the test plans.
- Develop and assist in the development of Plan of Action and Milestones (POA&M) containing corrective actions required for unacceptable risks.
- Develop and implement security baselines for Windows and Linux operating systems and networking components.
- Writing system security plans for complex information systems, conducting security reviews and conducting system audits.
- Performing security requirements analysis to create a Security Requirements Traceability Matrix (SRTM)
Preferred Skills and Education
- 3+ years of hands-on experience as an Information Systems Security Engineer (ISSE) or Computer Network Defense (CND) engineer or similar occupation.
- Demonstrated experience applying system engineering skills to provide documentation for the A&A process to include: Concept of Operations, System Security Plan, System Control Traceability Matrix (SCTM), Security Test Plan (STP)
- Demonstrated experience performing, analyzing and remediating Nessus and ACAS security scans
- Experience performing Windows/Linux operating system administration and security hardening.
- Exceptional verbal and written communication skills with strong interpersonal skills
- Must be a motivated self-starter who can perform duties independently and in a team environment
About BAE Systems Intelligence & Security
BAE Systems Intelligence & Security, based in McLean, Virginia, designs and delivers advanced defense, intelligence, and security solutions that support the important missions of our customers. Our pride and dedication shows in everything we do-from intelligence analysis, cyber operations and IT expertise to systems development, systems integration, and operations and maintenance services. Knowing that our work enables the U.S. military and government to recognize, manage and defeat threats inspires us to push ourselves and our technologies to new levels. That's BAE Systems. That's Inspired Work. Equal Opportunity Employer/Females/Minorities/Veterans/Disabled/Sexual Orientation/Gender Identity/Gender Expression. To see Inspired Work in action, visit www.baesystems.com and follow us on Facebook: www.facebook.com/baesystemsintel.
Back to top