BAE Systems is looking for a Security Systems Administrator. The qualified candidate will be working with a lead ISSO or ISSM supporting system security activities in a rapid development environment. They will support the specification, development, implementation, and maintenance of computer security technologies using cybersecurity methodologies and information assurance management techniques on internal, DoD, and Intelligence Community systems.
Tasks may include:
* Performing technical tasks as part of the Security Systems Administrator team supporting system security compliance * Providing technical and procedural support to processes and procedures needed to maintain the system security posture and perform continuous monitoring within program budget * Maintaining day-to-day security posture and continuous monitoring of IS including security event log review and analysis * Conducting vulnerability scans and static code scans to detect system security and configuration vulnerabilities * Reporting or resolving system configuration and patching vulnerability issues in coordination with the lead ISSM/ISSO or program management * Conducting automated and manual system assessments to validate system compliance with DISA Security Technical Information Guidelines (STIGS) * Ensuring system security measures comply with applicable government policies (RMF, NIST SP 800-53, NIST SP 800-171, and internal standards) * Providing configuration and change management and accurately assessing the impact of system/configuration modifications upon the system's security posture and compliance * Reviewing and providing recommendations for approval of all modifications to the information system * Maintaining a thorough understanding of NIST 800-53 controls, and determine which controls are applicable to the application, as well as document implementation in a System Security Plan (SSP) or Security Controls Tractability Matrix (SCTM) * Conducting reviews and technical inspections (as prescribed by the Lead ISSM/ISSO) to identify and mitigate potential security weaknesses, and ensure that security features applied to a system are implemented and functional * Assisting the Lead ISSM/ISSO in monitoring and resolving Plan of Action and Milestones (POA&M) to mitigate system vulnerabilities on assigned Information Systems * Drafting, and maintaining the security Body of Evidence such as the IA CONOPS, Risk Matrix, SSP, STP, POA&M, SCTM, and system policies and procedures * Supporting Assessment and Authorization and other security test events or reviews to achieve accreditation milestones * Support reporting of security incidentsThis position may require business travel to customer locations in support of product demonstrations, software installation, and system testing.