Cyber Security, Information Systems Security Manager (ISSM)
- IAM Level II certification commensurate with DoD 8570.1M requirements
- ISSM or relevant cybersecurity experience
- High level of personal motivation and initiative to learn and acquire new skills, and adapt seamlessly to an ever-changing security environment
- Customer focused, excellent communicator and ability to work with limited supervision.
- Strong organizational skills
- Able to interface with other IA team members, other security disciplines (industrial security, physical security, special programs security, etc.), program personnel and government security representatives.
- Provide oversight for all classified systems compliance, and ensure the execution of our strong self-inspection program.
- Ensure all security certification and accreditation documents in relation to all classified systems are up-to-date.
- Ensure continuous monitoring (e.g. weekly, monthly, etc.) in accordance with cognizant security authority requirements are being implemented and met.
- Coordinate security-related activities with information security architects, senior information security officers, information system owners, common control providers, system/network administrators, and information system security officers.
- Experience with the development of core documentation including System Security Plans, Standard Operating Procedures, Plans of Actions and Milestones, Remediation Plans, and Configuration Management Plans.
- Experience with the review and creation of mitigation reports from compliance and vulnerability scanning tools (e.g., Nessus, SCAP, ACAS, SCC).
- Experience with auditing and certifying compliance of various systems (e.g., Windows, Linux, Network Devices, and peripherals).
- Experience with development and delivery of IA-related briefings and training material.
- Experience with compliance and vulnerability scanning tools (e.g., Nessus, SCAP, ACAS, SCC).
- Run and maintain the entire information assurance program for more complex efforts or area.
- Working knowledge of system functions, security policies, technical security safeguards, and operational security measures.
- Translate operational requirements into technical requirements and architectures needed to meet program objectives.
- Experience with conducting all aspects of a self-inspection.
- Experience with periodic and on-demand system audits and vulnerability assessments; including user accounts, application access, file system, and integrity scans to determine compliance.
- Prepare incident reports of analysis methodology and results.
- Knowledge of new and emerging information technology (IT) and cybersecurity technologies.
- Employ best practices when implementing security controls within an information system; to include, software engineering methodologies, system/security engineering principles, secure design, secure architecture, and secure coding techniques.
- Ability to function as an integral part of the development team to include designing and developing organizational information systems or upgrading legacy systems.
Our Commitment to Diversity, Equity, and Inclusion:
At BAE Systems, we work hard every day to nurture an inclusive culture where employees are valued and feel like they belong. We are conscious of the need for all employees to see themselves reflected at every level of the company and know that in order to unlock the full potential of our workforce, everyone must feel confident being their best, most sincere self and be equipped to thrive. We provide impactful professional development experiences to our employees and invest in social impact partnerships to uplift communities and drive purposeful change. Here you will find significant opportunities to do meaningful work in an environment intentionally designed to be one where you will learn, grow and belong.