Information Systems Security Engineer
- Dulles, VA
Job Description
Join BAE Systems Intelligence and Security sector and be a part of a team who solves some of the world's most complex challenges. We are looking for an experienced Information Systems Security Engineer (ISSE) to join one of our ICI programs. This individual has extensive knowledge with information systems and network security.
The Information Systems Security Engineer will serve as the security subject matter expert (SME) for multiple applications. They will manage the execution of systems security activities for business systems and applications. The role of the ISSE is to bridge the gap between high level security policies/requirements and technical/operational implementation of those requirements. Additionally, candidates should have in-depth understanding of cybersecurity policies and procedures for government sector information systems and sufficient technical knowledge of experience to implement them. The candidate will apply Risk Management Framework (RMF) security controls in accordance with regulatory policies.
In this role, you will:
- Provide guidance to development teams on the A&A Process to include: related security documentation such as systems concept of operations, system security design, implementation plans, operational procedures, and maintenance training materials
- Provide support to development teams for mitigation and management of Plan of action and Milestones (POA&Ms)
- Conducts assessments of existing IT architecture for compliance with security requirements in accordance with regulatory security frameworks (IAW NIST SP 800-53 Rev. 4)
- Provide engineering support and assistance to authorization/accreditation test and evaluation activities
- Evaluate proposed security architectures and designs and provide input as to the adequacy of those security designs to meet required security compliance objectives
- Track and mitigate customer system vulnerabilities
- Provide continuous monitoring support for information systems
- Required Skills and Education
- Technical degree (or Bachelor's degree) in computer science or related field (e.g. Information Systems, Cyber Security, Information Assurance etc.)
- 10+ years information systems, security engineering, and network security
- Extensive experience with Assessment and Authorization(A&A) requirements specifically Authority to Operate (ATO) process and procedures within the Enterprise
- Extensive experience developing Body of Evidence (BoE) required security documents e.g. CONOPS, Audit Plan, Contingency Plan, etc.
- Extensive experience with Security Framework regulations, to include: NIST 800-53; ICD 503, Rev4; CNSS 1253
- Extensive experience with Plan of Action Milestones (POA&Ms) (demonstrates familiarity with OS, Database, and Webserver common findings) and knowledge of appropriate corrective action for unacceptable risks
- Experience Amazon Web Services
- Knowledge of Enterprise Security Best Practices (IAW NIST 800-53; ICD 503, Rev4; CNSS 1253
- Good verbal and written communication skills
- Superior analytical and problem solving skills
- Demonstrates knowledge of Enterprise security audit requirements
Preferred Skills and Education - XACTA
- Certified Information Systems Security Professional (CISSP)
- Agile Certification
- JIRA
- CompTIA Security+
Required Education, Experience, & Skills
- The candidate must have an Active Intel Security clearance with a Favorable Polygraph. Candidate will not be considered without it
- Required Skills and Education
- Technical degree (or Bachelor's degree) in computer science or related field (e.g. Information Systems, Cyber Security, Information Assurance etc.)
- 10+ years information systems, security engineering, and network security
- Extensive experience with Assessment and Authorization(A&A) requirements specifically Authority to Operate (ATO) process and procedures within the Enterprise
- Extensive experience developing Body of Evidence (BoE) required security documents e.g. CONOPS, Audit Plan, Contingency Plan, etc.
- Extensive experience with Security Framework regulations, to include: NIST 800-53; ICD 503, Rev4; CNSS 1253
- Extensive experience with Plan of Action Milestones (POA&Ms) (demonstrates familiarity with OS, Database, and Webserver common findings) and knowledge of appropriate corrective action for unacceptable risks
- Experience Amazon Web Services
- Knowledge of Enterprise Security Best Practices (IAW NIST 800-53; ICD 503, Rev4; CNSS 1253
- Good verbal and written communication skills
- Superior analytical and problem solving skills
- Demonstrates knowledge of Enterprise security audit requirements
Preferred Education, Experience, & Skills
- Preferred Skills and Education
- XACTA
- Certified Information Systems Security Professional (CISSP)
- Agile Certification
- JIRA
- CompTIA Security+
- #KA10
About BAE Systems Intelligence & Security
BAE Systems Intelligence & Security, based in McLean, Virginia, designs and delivers advanced defense, intelligence, and security solutions that support the important missions of our customers. Our pride and dedication shows in everything we do-from intelligence analysis, cyber operations and IT expertise to systems development, systems integration, and operations and maintenance services. Knowing that our work enables the U.S. military and government to recognize, manage and defeat threats inspires us to push ourselves and our technologies to new levels. That's BAE Systems. That's Inspired Work. Equal Opportunity Employer/Females/Minorities/Veterans/Disabled/Sexual Orientation/Gender Identity/Gender Expression. To see Inspired Work in action, visit www.baesystems.com and follow us on Facebook: www.facebook.com/baesystemsintel.
Back to top