Cybersecurity Engineer
BAE Systems
Job Description
BAE Systems is looking for a talented Cybersecurity Engineer to support the development and delivery of a System of Systems wargaming tool. The Cybersecurity Engineer will be responsible for:
Supporting adherence to all aspects of a rigorous Risk Management Framework (RMF) compliance program as stipulated by NISPOM/DAAPM, JSIG, ICD 503, STIGs and associated NIST publications
Work closely with the development and integration teams to ensure stability and hardening of the system throughout the development and production lifecycle
Achieve and maintain Authority to Operate approvals on NIPR and SIPR for various systems by adhering to the RMF
Enforcement of System Security Plans, Plans of Action and Milestones (POA&Ms), assessing and auditing systems security controls.
Developing and maintaining all security documentation to include the System Security Plan, Security Controls Tractability Matrix, POA&Ms, STIG Compliance Assessments, and any other security related documentation.
Will be responsible for the following CDRLS:
A023 System Security Plan (SSP)
A024 – Security Controls Traceability Matrix (SCTM)
A025 – Security Assessment Plan
A026 – Accreditation Boundary
A027 – Ports, Protocols, and Services (PPS)
A030 – Security Technical Implementation Guide (STIG) Compliance Assessment
A031 – Secure Code Training Artifacts
A032 – Source Code Review Raw Data Files
A033 – Security Source Code
A034 – Vulnerability Scan Results
A035 – Cyber Plan of Actions and Milestones (POA&M)
Work Location:
Duties expected to be performed at the BAE Systems Facility known as Dulles North located in Sterling, Virginia. Support may also be required at the customer facility located in Quantico Virginia.
Alternate work locations must be agreed to in writing by BAE Systems at time of hire and is subject to change due to contract requirements.
Required Education, Experience, & Skills
IAM Level I certification commensurate with DoD 8570.1M requirements (or ability to obtain certification within 6 months)
Experience with the Risk Management Framework and achieving an ATO on NIPR and SIPR
Experience with vulnerability scanning solutions
High level of personal motivation and initiative to learn and acquire new skills, and adapt seamlessly to an ever-changing security environment
Customer focused excellent communicator and ability to work with limited supervision.
Strong organizational skills
Preferred Education, Experience, & Skills
Security Incident Handling & Response
SIEM Management
Audit & Compliance
Analytics & Intelligence
Firewall/IDS/IPS Skills
Intrusion Detection
Application Security Development
Advanced Malware Prevention
Data Management Protection
Digital Forensics
Identity & Access Management
CISSP, CASP, or CISA Certification
Working knowledge of cloud security (i.e., AWS or Azure), DevSecOps, operating systems (Windows and Linux), web security, DoD HBSS security services, and micro services.
Pay Information
Full-Time Salary Range: $75570 – $128480
Please note: This range is based on our market pay structures. However, individual salaries are determined by a variety of factors including, but not limited to: business considerations, local market conditions, and internal equity, as well as candidate qualifications, such as skills, education, and experience.
Employee Benefits: At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being. Regular employees scheduled to work 20 hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and accident insurance. We also have an employee assistance program, a legal plan, and other perks including discounts on things like home, auto, and pet insurance. Our leave programs include paid time off, paid holidays, as well as other types of leave, including paid parental, military, bereavement, and any applicable federal and state sick leave. Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards. Other incentives may be available based on position level and/or job specifics.
Cybersecurity Engineer
106436BR
EEO Career Site Equal Opportunity Employer. Minorities . females . veterans . individuals with disabilities . sexual orientation . gender identity . gender expression