Sr Principal IT Systems Security Engineer
Job Description BAE Systems is seeking an an Information System Security Officer (ISSO) to join our team supporting the Department of Defense (DoD) High Performance Computing (HPC) Modernization Program (DoD HPCMP) and U.S. Navy DoD Supercomputing Resource Center (DSRC) located at the John C. Stennis Space Center, MS. The ISSO role is responsible for applying Information System (IS) security principles, procedures, and practices under the Risk Management Framework (RMF). As an ISSO you are responsible for implementing security controls, monitoring system security posture, auditing user activity, maintaining records, and updating documentation. Your work will ensure classified information systems maintain compliance with applicable security regulations, such as CNSSI, NIST, and NISPOM.
The ISSO’s role at the Navy DSRC includes:
- Supporting the Information Systems Security Manager (ISSM) at the DSRC and the program’s CSSP.
- Providing support in the creation and maintenance of all Assessment and Authorization (A&A) packages under the RMF guidelines utilizing the Enterprise Mission Assurance Support Service (eMASS) tool. This support includes, but is not limited to, clear understanding of eMASS tool, review and make recommendations for supporting documentation supporting the RMF Control/AP responses and if requested by the ISSM, perform the role Initial Task Validator of RMF Controls.
- Ensuring DoDD 8570 compliance regarding baseline and Computing Environment, which are required for cybersecurity Technical Personnel, certifications for all applicable staff under the purview of the DSRC.
- Protect information systems and data from threats and vulnerabilities
- Create and maintain system security documentation
- Implement, maintain, and monitor security controls
- Provide security status to the DSRC leadership on a recurring basis
- Achieve and maintain Authorization to Operate Unclassified and Classified information systems
- Assess and mitigate threats and vulnerabilities
- Provide security related guidance and technical support to the Navy DSRC staff
- Maintain and report the status of all Plan of Action and Milestones
- Attend recurring ISSO meetings across the program
- Lead the implementation of critical security projects, such as Zero Trust and Data Exfiltration
- Assist the ISSO’s at the other DSRCs
- Maintain eligibility for personnel security clearance
- Perform other duties as assigned
The candidate must hold an IAM Level II DoD 8140.01 (previously 8570.01) compliant certification (i.e. CAP, Security+ CE, CISSP, CASP, CISM, GSLC).
Required Education & Experience:
A Bachelor’s degree and 10 years' work experience in cybersecurity
Required Security Clearance:
Active Top Secret U.S. Security Clearance with a Federal Government background investigation completed within the last 6 years
Required Skills & Experience:
A qualified candidate for this position must have the ability to:
- Familiarity with the RMF process
- Understanding of NIST 800 series, DoD 8500.2, DoDD 8570, CNSSI 1253, NISPOM Chapter 8, and related publications
- Experience implementing and monitoring technical, administrative, and operational security controls
- Experience performing risk assessment and risk management for unclassified and classified IT systems
- Communicate clearly and concisely verbally and in writing
- Experience with Splunk, especially for data analysis
- Familiarity with the DCSA eMass system and/or other documentation process tools such as Xacta
- Familiarity with MS and Linux Operating Systems and associated DISA STIGS
- Reviewing security event logs from both Windows and Linux systems
- Use of network/system scanning tools and interpreting results
- Security incident management
- Working with hardware and software vendors
- Prior experience in any security related domain, Technical, Physical, or Personnel
Intelligence & Security (I&S), based in McLean, Virginia, designs and delivers advanced defense, intelligence, and security solutions that support the important missions of our customers. Our pride and dedication shows in everything we do—from intelligence analysis, cyber operations and IT expertise to systems development, systems integration, and operations and maintenance services. Knowing that our work enables the U.S. military and government to recognize, manage and defeat threats inspires us to push ourselves and our technologies to new levels.
Our Commitment to Diversity, Equity, and Inclusion:
At BAE Systems, we work hard every day to nurture an inclusive culture where employees are valued and feel like they belong. We are conscious of the need for all employees to see themselves reflected at every level of the company and know that in order to unlock the full potential of our workforce, everyone must feel confident being their best, most sincere self and be equipped to thrive. We provide impactful professional development experiences to our employees and invest in social impact partnerships to uplift communities and drive purposeful change. Here you will find significant opportunities to do meaningful work in an environment intentionally designed to be one where you will learn, grow and belong.