BAE Systems is seeking a Cybersecurity Engineering Manager in support of the Air Force's next-generation Inter-Continental Ballistic Missile (ICBM) weapon system. This will be a long-term project with the weapon system anticipated to remain operational until 2075 – you can contribute to a critical initiative that will provide protection through deterrence for generations yet to come!
The individual in this position will report to the BAE Systems Cybersecurity Manager. The Cybersecurity team works within the DoD's Cybersecurity Risk Management Framework (RMF) methodology and supports compliance assessment, monitoring, computer network operations (CNO), computer network defense (CND) and computer network exploitation (CNE) for current and future weapon systems, government Information Systems (IS) and commercial IS.
This individual will lead the Cybersecurity Engineering team is relatively small so he/she will be expected to lead the team as well as actively contribute in performance of the day-to-day team responsibilities.
As a manager, this individual will perform functions such as hiring, evaluating, training, making assignments, reporting, approving timesheets, performance management, salary administration, mentorship and development/retention of staff. They will work with other organizational leadership on priorities, fostering strong relationships, meeting business goals, and so forth. This individual will also help build teamwork, improve communications, develop/enforce policies, and work with customers (internal and external).
As an individual contributor, this individual will work closely with Information System Security Managers (ISSM), Information System Security Officers (ISSO), and our Information Technology (IT) and Program Management teams to identify risks and vulnerabilities, ensure they are not carried over into new systems development, develop and implement mitigation plans, and document all findings. They will also ensure we are implementing, managing, and consistently following Cybersecurity requirements, best practices, and internal processes all the way from design thru architecture, build, transition to production, and day-to-day operations. This individual ensures testing is performed to validate established security requirements, recommends additional security requirements and safeguards, supports formal testing required by government accrediting authorities, conducts incident response and investigations, prepares System Security Plans, updates Plans of Action and Milestones, reviews system audits, and monitors corrective actions until all actions are closed. This individual will also help define and develop Cyber Security Operations Center (CSOC) and Network Operations Center (NOC) processes and capabilities to support planned growth.
This individual will analyze, diagnose and resolve issues with security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company systems or data. They will also research attempted or successful efforts to compromise systems security and designs/implements countermeasures, maintain hardware, software and network security devices and tools, and monitor/administer security policies to control physical and virtual access to systems.
This position is part of a matrixed organization and has responsibility for ensuring that appropriate policies, standards, procedures, and automated mechanisms are created to appropriately protect the security of systems and data, and are documented, implemented, and followed to ensure long-term consistency.
The successful candidate will have a broad experience base in Information Technologies and Cybersecurity and have the ability to adapt to a fast-paced environment with the energy and motivation to make a difference.
This position requires an active final Secret clearance upon hire date. The applicant must be able to obtain and maintain a Top Secret clearance. The applicant must also be able to maintain their security clearance for the position.
- Build collaborative internal relationships with program and project teams, as well as external relationships with customers, regulatory bodies, other agencies and business partners.
- Assist programs in capturing and refining information protection requirements, integrating those requirements into system designs, ensuring program compliance with government requirements, laying the groundwork for and developing documentation to support an Authority to Operate (ATO).
- Evaluate gaps in security and identify solutions to mitigate risk, including business processes, technical controls, or policy improvements. Validate that implemented controls, Security Technical Implementation Guides (STIG), or other methods to secure information are assessed.
- Develop security practices that embody industry standards, best practices and DoD requirements.
- Prepare and present training activities, materials, awareness programs that encourage proper security practices.
Typical Education & Experience
Typically a Bachelor's Degree and 10 years work experience or equivalent experience
Required Skills and Education
- Bachelor's Degree (or equivalent) and 14 years related cybersecurity work experience or equivalent experience.
- This position requires an active final Secret clearance upon hire date. The applicant must be able to obtain and maintain a Top Secret clearance. The applicant must also be able to maintain their security clearance for the position.
- Demonstrated leadership, human relations, effective communications skills, ability to build bridges, mediate contentious situations and build consensus.
- Prior experience working with senior management including technical and business-based briefings.
- DoD 8570 IAM Level II certification (e.g., Certified Information Systems Security Professional (CISSP), CompTIA Advanced Security Practitioner (CASP), etc.).
Preferred Skills and Education
- BS or equivalent in technical program (e.g., Computer Science, Information Technologies, Electronics).
- Minimum of 15 years of experience in an Information Systems (IS) and/or security related capacity that includes a technical understanding of computer networks, hardware, systems, databases, applications, security components (network, radio frequency (RF), physical), computer operations, and operating system maintenance.
- At least 5 years of management experience with a history of progressive responsibility and building bridges between organizations.
- Offensive-minded individual who has an Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), or other equivalent certification.
- Adversarial/pen testing/red team experience.
- Direct experience working in a cybersecurity operations or SOC environment.
- Experience with the DoD RMF process and requirements.
- Understanding of the DoD and Air Force environment and familiarity with government agency reviews and audits.
- Experience with integrating security functional requirements into existing acquisition lifecycle phases, milestones, and deliverables using systems engineering principles and methodologies.
- Excellent written and oral communications skills, including high-level presentation abilities.
- The ability to mediate contentious situations and develop consensus. A demonstrated history building bridges across organizational boundaries and the ability to communicate with technical and non-technical persons in management across a large, complex organization.
- Experience in ICBM or similar strategic systems.
- An individual with high integrity and capable of building strong, trusting relationships.
- Experience in a matrix organization.
About BAE Systems Intelligence & Security
BAE Systems Intelligence & Security, based in McLean, Virginia, designs and delivers advanced defense, intelligence, and security solutions that support the important missions of our customers. Our pride and dedication shows in everything we do—from intelligence analysis, cyber operations and IT expertise to systems development, systems integration, and operations and maintenance services. Knowing that our work enables the U.S. military and government to recognize, manage and defeat threats inspires us to push ourselves and our technologies to new levels. That's BAE Systems. That's Inspired Work. Equal Opportunity Employer/Females/Minorities/Veterans/Disabled/Sexual Orientation/Gender Identity/Gender Expression. To see Inspired Work in action, visit www.baesystems.com and follow us on Facebook: www.facebook.com/baesystemsintel.
Apply on company website