Job Description
What’s it like to be a part of an innovative company protecting and securing what is important and valuable to us? Amazing! Join BAE Systems Intelligence and Security (I&S) sector and be a part of an innovative team who solves the some of the most complex technical challenges.
We are looking for Delegated Authorizing Official Representatives (DAO-Rs) to join a team of Cybersecurity professionals responsible for safeguarding the customer enterprise, conduct technical research to evaluate systems and tools for potential vulnerabilities, and provide risk recommendations on baseline and changes to ensure compliance and maintain secure critical information technology (IT) systems.
As a DAO-R, you will:
• ensure develop and maintain plans, instructions, guidance, and standard operating procedures concerning the security of IT systems operations.
• oversee compliance activities and continuous validation of the enterprise security posture against policies and guidance such as (ICD 503) through the Risk Management Framework (RMF) Lifecycle.
• provide recommendations and ensure remediation plans are in place for vulnerabilities identified as part of the risk mitigation process
• lead security risk assessments as part of the Security Assessment and Authorization process
• coordinate cybersecurity inspections, tests, and reviews for enterprise IT systems.
An ideal candidate will,
• advise senior management on policy standards and implementation strategies to ensure compliance with security policies, guidance, and procedures and to protect critical IT Systems
• identify IT systems specific security requirements across all phases of the System Life Cycle
• practice continuous evaluation, validation, and implementation of improvement actions as needed
• review non-compliance to determine patterns and the impact on risk level efficacy the enterprise’s cybersecurity program.
Candidate should have a working knowledge of:
• cybersecurity principles and specific operational impacts of cybersecurity lapses
• computer networking concepts and protocols, network architecture, and network security methodologies.
• system life cycle management principles, including security and usability.
• current industry methods for performing security assessments and authorization processes (including achieving Certification to Field (CtF) and Authority to Operate (ATO))
• handling protocols for sensitive and classified information, and procedures for information compromise
• Risk Management Framework (RMF) requirements
• incident response and handling methodologies.
• enterprise incident response program, roles, and responsibilities.
More senior DAO-Rs may also,
• act as primary contact for the prime and/or customer regarding status of ongoing risk mitigation activities, findings, and implementation of remediation efforts
• supervise or manage corrective actions and mitigation efforts when a cybersecurity incident or vulnerability is discovered
• advise senior management or Authorizing Official on risk levels and changes affecting the organization’s cybersecurity posture
• oversee program compliance with customer information security training and awareness requirements
Pay Information:
Salary Range: $109,000 – $185,000
Please note: This range is based on our market pay structures. However, individual salaries are determined by a variety of factors including, but not limited to: business considerations, local market conditions, and internal equity, as well as candidate qualifications, such as skills, education, and experience.
Employee Benefits: At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being. Regular employees scheduled to work 20+ hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and accident insurance. We also have an employee assistance program, a legal plan, and other perks including discounts on things like home, auto, and pet insurance. Our leave programs include paid time off, paid holidays, as well as other types of leave, including paid parental, military, bereavement, and any applicable federal and state sick leave. Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards. Other incentives may be available based on position level and/or job specifics.
Required Skills and Education
Education/Equivalent:
• Associate degree in Computer Science, Engineering, or related technical discipline OR equivalent experience and training from the DoD 8140 Training Repository OR 1 of the following certifications:
• Intermediate: CAP or CASP+ or CCISO or CCSP or CISM or CISSP or Cloud + or SSCP
• Advanced: CISSP-ISSMP or GSLC
Certification Requirement:
• Intermediate/Advanced levels require IAT Level 3 or IAM Level 2 (or higher) certification (e.g. CASP CE, CISA, CISSP (or Associate), GCED, GCIH, CISM, GSLC, CISSP-ISSAP, CISSP-ISSEP)
• Entry levels require IAM Level 1 (or higher) certifications (e.g. CAP, CND, Cloud+, GSLC, Security+ CE, etc.)
5+ years of experience as DAO-R and related roles such as ISSO, ISSE, SCA, ISSM, etc.
2+ years of hands-on experience with cybersecurity governance and methodologies
(At least 3 years of relevant roles and 2 years of hands-on experience for entry level applicants)
Experience must include:
• creating policies reflecting system security objectives
• participation in A&A of security systems
• Experience with Xacta and ServiceNow, or similar tools.
• performing cyber risk assessment
• NIST SP 800 Series, ICD 503 RMF, experience in networking protocols, cloud and software defined networking principles and technologies, and cyber security principles
About BAE Systems Intelligence & Security
BAE Systems, Inc. is the U.S. subsidiary of BAE Systems plc, an international defense, aerospace and security company which delivers a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. Improving the future and protecting lives is an ambitious mission, but it’s what we do at BAE Systems. Working here means using your passion and ingenuity where it counts – defending national security with breakthrough technology, superior products, and intelligence solutions. As you develop the latest technology and defend national security, you will continually hone your skills on a team-making a big impact on a global scale. At BAE Systems, you’ll find a rewarding career that truly makes a difference.
Intelligence & Security (I&S), based in McLean, Virginia, designs and delivers advanced defense, intelligence, and security solutions that support the important missions of our customers. Our pride and dedication shows in everything we do-from intelligence analysis, cyber operations and IT expertise to systems development, systems integration, and operations and maintenance services. Knowing that our work enables the U.S. military and government to recognize, manage and defeat threats inspires us to push ourselves and our technologies to new levels.
Our Commitment to Diversity, Equity, and Inclusion:
At BAE Systems, we work hard every day to nurture an inclusive culture where employees are valued and feel like they belong. We are conscious of the need for all employees to see themselves reflected at every level of the company and know that in order to unlock the full potential of our workforce, everyone must feel confident being their best, most sincere self and be equipped to thrive. We provide impactful professional development experiences to our employees and invest in social impact partnerships to uplift communities and drive purposeful change. Here you will find significant opportunities to do meaningful work in an environment intentionally designed to be one where you will learn, grow and belong.
Preferred Skills and Education
• Bachelor’s degree in Computer Science, Engineering, or related technical discipline
• CISSP-ISSMP or GSLC certification
10+ years of experience as DAO-R and related roles such as ISSO, ISSE, SCA, ISSM, etc.
4+ years of hands on experience with cybersecurity governance and methodologies
EEO Career Site
Equal Opportunity Employer. Minorities . females . veterans . individuals with disabilities . sexual orientation . gender identity . gender expression