Cyber Eng Sr
BAE Systems
- Sterling, VA
- Permanent
- Full-time
- Supporting adherence to all aspects of a rigorous Risk Management Framework (RMF) compliance program as stipulated by NISPOM/DAAPM, JSIG, ICD 503, STIGs and associated NIST publications
- Work closely with the development and integration teams to ensure stability and hardening of the system throughout the development and production lifecycle
- Achieve and maintain Authority to Operate approvals for various systems by adhering to the RMF
- Enforcement of System Security Plans, Plans of Action and Milestones (POA&Ms), assessing and auditing systems security controls.
- Developing and maintaining all security documentation to include the System Security Plan, Security Controls Tractability Matrix, POA&Ms, STIG Compliance Assessments, and any other security related documentation.
- IAM Level I certification commensurate with DoD 8570.1M requirements (or ability to obtain certification within 6 months)
- Experience with the Risk Management Framework and achieving an ATO
- Experience with vulnerability scanning solutions
- High level of personal motivation and initiative to learn and acquire new skills, and adapt seamlessly to an ever-changing security environment
- Customer focused excellent communicator and ability to work with limited supervision.
- Strong organizational skills
At BAE Systems, we work hard every day to nurture an inclusive culture where employees are valued and feel like they belong. We are conscious of the need for all employees to see themselves reflected at every level of the company and know that in order to unlock the full potential of our workforce, everyone must feel confident being their best, most sincere self and be equipped to thrive. We provide impactful professional development experiences to our employees and invest in social impact partnerships to uplift communities and drive purposeful change. Here you will find significant opportunities to do meaningful work in an environment intentionally designed to be one where you will learn, grow and belong.Job FamilyCyber Security EngPreferred Skills and EducationExperience desired includes:
- Past experience working with Army Enterprise Cloud Management Agency (ECMA)
- Experience with the Risk Management Framework (RMF) process
- Experience eMASS
- Security Incident Handling & Response
- SIEM Management
- Audit & Compliance
- Analytics & Intelligence
- Firewall/IDS/IPS Skills
- Intrusion Detection
- Application Security Development
- Advanced Malware Prevention
- Data Management Protection
- Digital Forensics
- Identity & Access Management
- CISSP, CASP, or CISA Certification
- Working knowledge of cloud security (i.e., AWS or Azure), DevSecOps, operating systems (Windows and Linux), web security, DoD HBSS security services, and micro services.
- Experience with eMASS
- Experience with the Risk Management Framework (RMF)