BAE Systems Senior Information Systems Security Manager (ISSM) in Tucson, Arizona
BAE Systems is seeking a highly skilled and motivated individual to join our team of professionals as a Cybersecurity Professional/Information System Security Manager. The qualified candidate will be leading a team of Information System Security Officers/System Administrators to support and maintain the cyber compliance of the Compass Call delivered Mission systems at Davis Monthan, AFB. The candidate will serve as the Information System Security Manager for Mission systems within his/her purview in support to the Compass Call program, to include, operations, training and test. The candidate will serve as the principle advisor on all compliance matters, technical or otherwise, involving the security of Information Systems under his/her purview.
Responsible for supporting adherence to all aspects of arigorous Risk Managed Framework (RMF) complianceprogram as stipulated by ICD 503, STIGs, associated NIST/JSIG publications and the Authorizing Organization.
Because of the need for consistent, in-person collaboration and/or the requirement to perform all work onsite due to the nature of this particular role, it will be performed full-time on site . This means work will be conducted on location at a Davis Monthan, AFB facility 100% of the time.
Additional responsibilities include the following:
Lead Assessment and Authorization (A&A) activities for DoD and Intelligence Systems in accordance with Risk Management Framework and ICD-503 guidelines and customer requirements
Develop and maintain information system security plans, including, security concepts of operation (SECONOPS), risk management matrix, security control traceability matrix (SCTM), security test procedures, plan of action and milestones (POA&M), and local site policies and procedures
Coordinate and collaborate with the Compass Call Cyber Engineering team and Electronic Systems Security team geographically located at BAE Systems New Hampshire
Conducting, coordinating, auditing and analyzing vulnerability scans utilizing ACAS/Nessus
Identifying and implementing vulnerability resolutions and/or mitigations
Conducting security test events to achieve accreditation milestones
This position may require business travel to customer locations in support of product demonstrations, software installation, and system testing
Candidate may be required to periodically support a rotation of 1st, 2nd or 3rd or weekend shifts, to support site OPTEMPO
Deployment events will range from one to twelve consecutive weeks, and will be to both CONUS and OCONUS locations
Required Education, Experience, & Skills
IAM Level III certification commensurate with DoD 8140 requirements
High level of personal motivation and initiative to learn and acquire new skills, and adapt seamlessly to an ever-changing security environment
Customer focused, excellent communicator and ability to work with limited supervision.
Strong organizational skills
Able to interface with other cyber team members, other security disciplines (industrial security, physical security, special programs security, etc.), program personnel and government security representatives
Strong interpersonal skills and the ability to effectively build and lead teams; Good mentoring skills
Demonstrated ability to work with minimal supervision; Planning and organizational skills
Demonstrated ability to create Assessment and Authorization (A&A) artifacts and procedures that resulted in an Approval To Operate (ATO)
Experience with DISA STIGs, IAVA compliance hardening, vulnerability scans and remediation
Experience with and responsible for managing traditional RMF tools: ACAS/Nessus, HBSS, Xacta, eMASS, SCAP Scanner, STIG Viewer
Preferred Education, Experience, & Skills
Run and maintain the entire Cybersecurity program for a complex operating environment
Working knowledge of system functions, security policies, technical security safeguards, and operational security measures
Experience with auditing and certifying compliance of various systems (Windows, Linux, Network Devices and peripherals)
Experience with development and delivery of IA-related briefings and training material.
Translate operational requirements into technical requirements and architectures needed to meet program objectives
Experience with conducting all aspects of a cybersecurity compliance self-inspection
Full-Time Salary Range: $111700 - $189900
Please note: This range is based on our market pay structures. However, individual salaries are determined by a variety of factors including, but not limited to: business considerations, local market conditions, and internal equity, as well as candidate qualifications, such as skills, education, and experience.
Employee Benefits: At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being. Regular employees scheduled to work 20 hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and accident insurance. We also have an employee assistance program, a legal plan, and other perks including discounts on things like home, auto, and pet insurance. Our leave programs include paid time off, paid holidays, as well as other types of leave, including paid parental, military, bereavement, and any applicable federal and state sick leave. Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards. Other incentives may be available based on position level and/or job specifics.
Senior Information Systems Security Manager (ISSM)
EEO Career Site Equal Opportunity Employer. Minorities . females . veterans . individuals with disabilities . sexual orientation . gender identity . gender expression
- BAE Systems Jobs