We Hire America - Veterans Jobs

WeHireAmerica-Veterans.jobs is a service of HR Policy Foundation and DirectEmployers Association. These two non-profit organizations are providing this free resource to help educators, policy makers and job seekers understand the great employment opportunities available here in the U.S. at some of America's biggest and best companies.

Job Information

BAE Systems Information Security Specialist in Quantico, Virginia

Job Description

BAE Systems is currently looking for an Information Systems Security Officer who will apply current information assurance (IA) technologies to the architecture, design, development, evaluation, and integration of systems and networks to maintain system security. Work closely with customers to ensure that the IA requirements are defined and implemented in a way that allows for the accreditation of the IA architecture and supports the operational needs of the collection. Shall work with system developers and commercial product vendors in the design and evaluation of state-of-the-art secure collection systems, networks, and database products. Shall also use methods such as encryption technology, vulnerability analysis, and security management. Shall be responsible for integration of multiple methods into a cohesive system security perimeter and environment and for the policies and procedures necessary to monitor and maintain such an environment. Help prepare System Security Architecture (SSA) documentation using multiple standards such as Department of Defense (DoD) Information Technology Security Certification and Accreditation Process (DITSCAP), National Information Assurance Certification and Accreditation Process (NIACAP), Director of Central Intelligence Directive 6/3 (DCID 6/3), Common Criteria, NIST 800 series, and DOJ or FBI system policies and procedures to achieve accreditation of supported systems.

Required Education, Experience, & Skills

This position requires 5-7 years of related work experience with:

  • Evaluating system network or infrastructure security controls against RMF requirements

  • Security reviews, assessments, and analysis, such as vulnerability scans, audit logs, Plan of Action & Milestones (POA&M) and System Security Plans (SSP), for complex, operational systems.

  • Operating systems, network knowledge, and law enforcement collection systems, as well as information security and assurance principles, security, and privacy controls management.

  • Ability to assess current and evolving security threats and provide security recommendations in an operational environment for digital collection systems is required.

Extensive experience with:

  • FISMA, Risk Management Framework (RMF)

  • System Security Plans (SSPs)

  • Plans of Action and Milestones (POA&Ms)

  • Contingency, incident response, configuration management, and business impact analysis plans

  • Cybersecurity awareness, NIST SP 800-53, any additional IA tools scanning (Tenable.SC, Nessus Professional, Splunk, IA Xacta, Trusted Agent FISMA, CMAS)

  • Understanding of networking technologies (OSPF, BGP, MPLS, IPSec)

  • Knowledge of information security engineering, design concepts and principles

  • Knowledgeable with the Systems Development Lifecycle (SDLC) and continuous monitoring methodologies

  • Extensive experience analyzing information technology and system risk in complex environments and articulating results (verbal/reports to all levels of management)

Preferred Education, Experience, & Skills

Preferred Experience and Education

Bachelor's degree in Computer Security or related field of study. In lieu of college level education, 6 years (or more) additional related experience.

Current certification preferred in one or more of the following IT Security disciplines:

  • ISACA - Certified Information Systems Auditor (CISA)

  • ISACA - Certified in Risk and Information Systems Control (CRISC)

  • ISACA - Certified Information Security Manager (CISM)

  • ISACA - Certified in Governance of Enterprise IT (CGEIT)

  • (ISC)2 - Certified Information Systems Security Professional (CISSP)

  • (ISC)2 - Certified Authorization Professional (CAP)

  • CompTIA - Certified Advanced Security Practitioner (CASP)

Information Security Specialist

72730BR

Equal Opportunity Employer: minorities, females, veterans, individuals with disabilities, sexual orientation, gender identity, gender expression
