Cyber Analyst (ISSO)

About The Position

Requirements

• Bachelor's degree in Information Technology, Information Assurance, Cybersecurity or related field (Additional 4 years of experience may be substituted for the degree)
• At least 5 years of experience in information security or a related field
• Compliant with DoD Cyber Workforce Framework (DCWF), DoD Directive 8140.01 (supersedes DoD 8570). This may include CompTIA Security+, GIAC Security Essentials (GSEC), or ISC2 Systems Security Certificate Practitioner (SSCP), etc.
• Proficiency with current security tools, intrusion detection systems, and firewalls.
• Deep knowledge of NIST publications, particularly the NIST 800 series.
• Experience with enterprise network devices (routers, switches, firewalls) and various operating systems (e.g., UNIX, Microsoft).
• Proven experience in creating and maintaining security authorization documentation.
• Strong communication and teamwork skills are essential for collaborating with IT staff and management.

Nice To Haves

• Master's degree in Information Technology, Information Assurance, Cybersecurity or related field
• At least 8 years of experience in information security or a related field
• Senior cybersecurity certifications such as ISC2 Certified Information Systems Security Professional (CISSP), ISC2 CISSP-Architecture, ISACA Certified Information Security Manager (CISM), ISC2 Certified Authorization Professional (CAP), EC-Council Certified Chief Information Security Officer (C|CISO), ISACA Certification in Risk and Information Systems Control (CRISC), ISACA Certified Information Systems Auditor (CISA)

Responsibilities

• Policy and Procedure Development: Create and implement robust information security policies, protocols, and procedures to ensure the confidentiality, integrity, and availability of information systems.
• Risk Management: Conduct risk assessments, identify vulnerabilities, and recommend mitigation strategies to protect information systems.
• Security Auditing and Monitoring: Perform regular security audits, monitor network traffic for unusual activity, and manage security tools like firewalls.
• Incident Response: Investigate security breaches, coordinate incident response activities, and implement corrective actions.
• Documentation: Develop and maintain crucial security documentation, including System Security Plans (SSPs) and security authorization packages.
• Compliance: Ensure adherence to relevant legal and regulatory requirements, such as NIST Risk Management Framework (RMF).
• Technical Expertise: Provide technical guidance on security architecture, hardware/software security, and encryption techniques.
• Training and Reporting: Train other staff on security protocols and provide regular security status reports to management.

Benefits

• At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being. Regular employees scheduled to work 20+ hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and accident insurance. We also have an employee assistance program, a legal plan, and other perks including discounts on things like home, auto, and pet insurance. Our leave programs include paid time off, paid holidays, as well as other types of leave, including paid parental, military, bereavement, and any applicable federal and state sick leave. Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards. Other incentives may be available based on position level and/or job specifics.