BAE Systems, Inc. · 2 hours ago
Information Systems Security Officer
Springfield, VA
Full-time
Hybrid
Mid, Senior Level
$118K/yr - $201K/yr
5+ years expBAE Systems, Inc. is a leading defense, aerospace, and security company, seeking an Information Systems Security Officer (ISSO) to ensure the confidentiality, integrity, and availability of automated information systems. The ISSO will oversee Assessment and Authorization activities, manage risk acceptance, and maintain system security documentation while collaborating with various teams to enhance infrastructure and ensure compliance with federal regulations.
Defense & Space
No H1B
U.S. Citizen Only
Responsibilities
ISSO will drive the ATO (Authority To Operate) process for a new system from start to finish working with System Owner, Technical Teams, Infrastructure Teams, Systems Teams, ISSMs, Security Assessors, PM, CM etc
Create risk acceptance and waiver requests and submit for approval to OCIO
Manage to create and maintain Plan of Actions and Milestones (POA&Ms) and working aggressively for their closures working with appropriate resources
Ensure OCFO systems maintain a passing score in IACS (JCAM and Continuum) system
Create and maintain system security documentation to include FIPS 199, System Security Plan, Contingency Plan, Security Control Assessment, etc
Create monthly account audits and review audit logs to ensure current documentation is available for yearly OCFO consolidated audits
Create Contingency Planning documentation and conduct required training and conduct required incident response reporting
Review monthly continuous monitoring reports submitted to the Vulnerability Management Group and collaborate with System Engineer as needed
Perform daily Information Security Vulnerability Monitoring alerts (all must be researched & respond as to if they are applicable to the different software/services/platforms...etc. that exist in the system accreditation boundary)
Advise management of new security, regulations or policies within DHS and monitor NIST guidance that may effect ongoing system management
Ensure all system users and people with security responsibilities receive their annual awareness training. Review and validate user access rights
Approve PAR and RAR requests for system users. Ensure all system users sign the Rules of Behavior (ROB) before being granted access
Participate in the Change Request (CR) process (i.e., reviewing/approving change requests and conducting impact analyses). Support Change Control Boards as required. Review/deactivate unused accounts
Perform monthly reviews of FedRAMP COntinuous Monitoring data for SaaS systems
Apply deep expertise in the Risk Management Framework (RMF) and System Development Life Cycle (SDLC) to guide programs throughout system authorization and acquisition lifecycles
Develop system documentation
Assist with system infrastructure monitoring and enhancements, including appropriate software installations that comply with approvals and specifications
Qualification
Required
Bachelors degree and 5 years of related experience (education requirement may be substituted with an additional 4 years experience)
Ability to obtain and maintain DHS suitability
Preferred
Current DHS Suitability
Cybersecurity and risk management certifications
Experience advising on system architecture
Understanding or infrastructure patching operations
Benefits
Health, dental, and vision insurance
Health savings accounts
A 401(k) savings plan
Disability coverage
Life and accident insurance
Employee assistance program
A legal plan
Paid time off
Paid holidays
Paid parental leave
Military leave
Bereavement leave
Applicable federal and state sick leave
Company
BAE Systems, Inc.
Improving the future and protecting lives is an ambitious mission, but it’s what we do. BAE Systems, Inc. is the U.S.
10001+ employees
Funding
Current Stage
Late StageLeadership Team
Tom Arseneault
President & Chief Executive Officer, BAE Systems, Inc.
Don Widener, PhD
Chief Technology Officer, Intelligence Solutions
Recent News
2024-05-12
2024-05-12
2024-05-08
Company data provided by crunchbase