Information Systems Security Officer (ISSO) at BAE Systems
Washington, DC 20024, USA
Full Time


Start Date

Immediate

Expiry Date

09 Nov, 25

Salary

221603.0

Posted On

10 Aug, 25

Experience

8 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Leadership, SCA, Teamwork, Risk Management Framework, Artifacts, ATO, CISSP, Security Compliance, Management Skills

Industry

Information Technology/IT

Description

JOB DESCRIPTION

Join BAE Systems’ Intelligence and Security sector and be a part of a team that solves some of the world’s most complex technical challenges. We are looking for an Information Systems Security Officer (ISSO) to join our diverse and dedicated team.

As a Senior Information Systems Security Officer you will be responsible for safeguarding an organization’s computer networks and systems to the highest standards. The primary focus is on ensuring the security, integrity, and confidentiality of data within these systems. In this role, you will:

  • Conduct research, develop, implement, test and review an application’s information security to ensure compliance with DoD/NIST RMF requirements
  • Direct contractor staff about security measures, explain potential threats, implement security measures, and monitor applications in order to meet or exceed all DoD/NIST RMF requirements
  • Design, develop, implement and/or integrate IA and security systems and system components including those for networking, computing, and enclave environments to include those with multiple enclaves and with differing data protection/classification requirements.
  • Analyze architecture and system functionality for multiple technologies.
  • Contribute to the development and evaluation of attack scenarios.
  • Prepare and deliver technical reports and briefings.
  • Have a complete understanding of Risk Management Framework and how to implement the process on program systems/networks.
  • Perform, or review, technical security assessments of computing environments to identify points of vulnerability, non-compliance with established IA standards and regulations, and recommend mitigation strategies.
  • Validate and verify system security requirements definitions and analysis, and establish system security designs.
  • Assist architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application security policy and enterprise solutions.
  • Support the building of security architectures.
  • Enforce the design and implementation of trusted relations among external systems and architectures.
  • Assess and mitigate system security threats/risks throughout the program life cycle.
  • Contribute to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations.
  • Review certification and accreditation (C&A) documentation, providing feedback on completeness and compliance of its content.
  • Perform system installation, configuration maintenance, account maintenance, signature maintenance, patch management, and troubleshooting of operational IA and CND systems.
  • Perform limited penetration testing and routine exploit analysis.
  • Perform system or network designs that encompass multiple enclaves, to include those with differing data protection/classification requirements.
  • Recommend system-level solutions to resolve security requirements.

Support the Government in the enforcement of the design and implementation of trusted relationships among external systems and architectures.

Required Education, Experience, & Skills

  • Education:
  • 14+ years of professional experience with a Bachelor’s degree or equivalent
  • 12+ years of professional experience with a Master’s degree or equivalent
  • 10+ years of professional experience with a PhD or equivalent
  • Additional experience will be considered in lieu of a degree.
  • Active Top Secret/SCI Clearance able to obtain a Polygraph
  • Working with the application leads, sysadmins, DBAs, developers and testers to ensure the assigned systems are security compliant and achieve/maintain ATO.
  • Loading artifacts such as STIG checklists and ACAS scans.
  • Helping to implement STIG checklists and mitigate scan findings.
  • Answering questions to ensure systems are developed with security compliance built in.
  • Supporting security assessment events and responding to all questions from PAT team, ISSMs and SCA
  • Must be DoD 8570 compliant at IA Technical (IAT)/IA Management (IAM) Level 2.
  • Analytical and effectively able to troubleshoot and prioritize needs, requirements, and other issues.
  • Aside from technical skills, excellent communication, teamwork, leadership, and conflict management skills

PREFERRED EDUCATION, EXPERIENCE, & SKILLS

  • Experience working with Xacta
  • 8+ years of ISSO experience as well as security clearance status of TS/SCI with a CI polygraph test
  • Certified Information Systems Security Professional (CISSP)
  • Possess acute knowledge and practical experience of DoD 8510 and NIST 800-53 Risk Management Framework