BAE Systems, Inc. is looking for an Information Systems Applications Compliance Specialist to join our Enterprise Shared Services Information Technology (ESS- IT). The ESS-IT Application Solutions Compliance team provides audit, governance and compliance support to the applications organization through a service management and delivery framework that leverages industry best practices implemented by standard processes and procedures. Service delivery quality and performance are measured by service level objectives that drive overall customer satisfaction through focus on key areas such as security, reliability, availability, usability, performance, and responsiveness.
The Information Systems Applications Compliance Specialist, with limited supervision, would support the Application Solutions organization by working directly with the applications support teams in audit preparation including; engaging with subject matter experts, collecting information and artifact to resolve inquiries and support documentation requests, assist with performing recurring reviews, tracking documentation, artifacts and responses to address audit finding and recommendations, assist teams in implementing and documenting remediation of non-compliances, as well as provide status reporting to management. Additionally, the Information Systems Applications Compliance Specialist will be responsible for proactively monitoring compliance operational controls and compliance metrics in order to identify potential issues.
ESSENTIAL FUNCTIONS: (Essential functions may include, but are not limited to, the functions listed below):
- Ensures the proactive readiness of application teams for audits; both internal and external.
- Work with application teams to track and ensuring the timely review and renewal process and procedures documentation, and other supporting artifacts needed for compliance.
- Identifies opportunities for enhancements to existing processes and controls and/or develop recommendations to ensure risks are adequately mitigated.
- Performs periodic monitoring and validations (as specified by policy and/or audit frameworks) to ensure required regulatory controls and internal policies and processes are being followed.
- Assesses and escalate threats and concerns resulting from ineffective or missing control practices.
- Manages the planning and delivery of remediation efforts following internal project management methodologies to ensure identified threats or vulnerabilities are successfully addressed in a timely manner.
- Collaborates with other IT teams to improve security compliance, manage risk and bolster effectiveness of cybersecurity controls.
- Collaborates with IT Business Partners and other stakeholders to maintain awareness of changes in risk profiles and promote the awareness of risk and compliance initiatives.
- Quickly learn and maintain knowledge on general cybersecurity auditing practices, industry regulatory changes and internal company policy and process changes.
- Prepares reports of findings, observations of control deficiencies and other compliance tracking activities to management.
- Performs other related duties and responsibilities as required.
Required Education, Experience, & Skills
- Security Clearance: None (Must be Clearable)
- Bachelor's degree from an accredited college or university, preferably with an emphasis in information systems, accounting, business or other related fields, and a minimum of two (2) years of experience that is directly related to the duties and responsibilities specified.
- Experience with project management concepts; planning, scheduling, and status reporting.
- Understanding of audit frameworks and IT audit methodologies.
- General knowledge of application and other IT operational services such as Network Infrastructure technologies (WAN/LAN), Cybersecurity, Active Directory, Backup & Recovery, Messaging (e-mail), Mobile Technologies, Remote Access (VPNs), Storage and Operating Systems.
- Ability to apply critical thinking in problem solving and in making decisions, particularly in situations where all the facts may not be readily available or there is some ambiguity.
- Proven ability to synthesize information from multiple sources to draw logical conclusions and support recommendations.
- Experience articulating technical or complex concepts across business and technical boundaries in a clear, concise and organized manner.
- Functions well both as an individual contributor and in team environments where collaboration and adaptability are important.
- Experience building productive, collaborative and sustainable internal and external working relationships.
- Demonstrated ability to handle multiple concurrent projects, meet established deadlines and quickly adapt to changing priorities, all while working under limited supervision.
- Excellent verbal and written communication skills, ability to effectively communicate with technical and non-technical audiences.
- Must be data, fact and detail oriented in order to follow internal procedures and ensure reports, checklists and other supporting materials are completed accurately and timely.
Preferred Education, Experience, & Skills
- Certification or related certification in one or more of the following a plus:
- Certified Information Systems Auditor (CISA)
- SANS Global Information Assurance Certification (GIAC)
- Certified Internal Auditor (CIA)
- Working knowledge of DFARS; NIST SP 800-171, and NIST SP 800-53 or similar security controls a plus.
About BAE Systems, Inc.
BAE Systems, Inc. is the U.S. subsidiary of BAE Systems plc, an international defense, aerospace and security company which delivers a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. Improving the future and protecting lives is an ambitious mission, but it's what we do at BAE Systems. Working here means using your passion and ingenuity where it counts – defending national security with breakthrough technology, superior products, and intelligence solutions. As you develop the latest technology and defend national security, you will continually hone your skills on a team—making a big impact on a global scale. At BAE Systems, you'll find a rewarding career that truly makes a difference.
At BAE Systems, we celebrate the array of skills, experiences, and perspectives our employees bring to the table. For us, differences are a source of strength. We're laser-focused on high performance, and we work hard every day to nurture an inclusive culture where all employees can innovate and thrive. Here, you will not only build your career, but you will also enjoy work-life balance, uncover new experiences, and collaborate with passionate colleagues.
Apply on company website