Information Systems Security Engineer
Are you interested in pursuing a new opportunity where you can use your acquired skills to bridge the gap between technical teams and security personnel? Are you an excellent communicator, critical thinker, and results oriented? If so, keep reading because we have the position for you!
We are seeking an Information Systems Security Engineer to support one of our mission critical programs. In this position, you will serve as the liaison between Agile development teams, the Information Systems Security Manager, and various mission partners; helping bridge the gap between security requirements/policies and technical implementation. To be successful, you must not only have experience completing A&A relevant documentation (concept of operations, system security design, system security plan, implementation plans, operational procedures, training materials, etc.) but also have hands on experience working with teams to help review and address Nessus and AppDetective scan findings in order to obtain a favorable Authority to Operate (ATO).
Some duties of the job include:
- Working with development teams to perform architectural design, integration, installation, configuration, testing and administration of systems and capabilities to support the scanning, monitoring, and reporting of requirements
- Assisting with the design, development, integration, testing, implementation, development and operations & maintenance (O&M) of tools for automation of security testing in support of existing and new Assessment and Authorization (A&A) requirements
- Integrating, installing, configuring, testing, and administering tools and capabilities to implement A&A business processes, workflow, security control mappings and reporting
- Working with security assessors to answer questions, provide justification, and provide required updates in a timely manner
- Developing and implementing security baselines for Linux and Windows operating systems and networking components
- Writing system security plans for existing and new systems
- Assisting with the development of Plan of Action and Milestones (POA&M) that contains appropriate corrective actions for unacceptable risks
- Serving as Subject Matter Expert for A&A process, ensuring teams and management understand each required milestone and tasks necessary to move to the next step
- Implementing a Continuous Monitoring strategy appropriate for systems, leveraging existing tools and incorporating automations where feasible
- Recommending appropriate security measures for all systems to ensure compliance with customer's security mandates
Typically a Bachelor's Degree and 8 years work experience or equivalent experience
Required Skills and Education
- The candidate must have an Active Intel Security clearance with a Favorable Polygraph. Candidate will not be considered without it.
- Documented experience providing input into A&A process activities and related documentation
- Experience working with technical and non-technical personnel to explain technical information
- Problem solving skills
- Excellent oral, written, and organization skills
- Ability to assess existing IT architecture to ensure compliance with current security requirements
- Ability to evaluate proposed security architecture and designs to ensure compliance with security requirements
- Ability to collaborate with internal and external mission partners
- Prior experience creating security documentation, reviewing scan results, and assisting development teams with responses to Critical and/or High findings
- Prior experience tracking and addressing POA&M items
- Experience working on an Agile team
- Certified Information Systems Security Professional (CISSP)
- Information Systems Security Engineering Professional (ISSEP)
BAE Systems Intelligence & Security, based in McLean, Virginia, designs and delivers advanced defense, intelligence, and security solutions that support the important missions of our customers. Our pride and dedication shows in everything we do-from intelligence analysis, cyber operations and IT expertise to systems development, systems integration, and operations and maintenance services. Knowing that our work enables the U.S. military and government to recognize, manage and defeat threats inspires us to push ourselves and our technologies to new levels. That's BAE Systems. That's Inspired Work. Equal Opportunity Employer/Females/Minorities/Veterans/Disabled/Sexual Orientation/Gender Identity/Gender Expression. To see Inspired Work in action, visit www.baesystems.com and follow us on Facebook: www.facebook.com/baesystemsintel.
Back to top