Job Description

See what you re missing. Our employees work on the world s most advanced electronics

from detecting threats for F-35 pilots to illuminating the night for soldiers. Spanning air, land,

sea, and space, we are developing the technology of tomorrow, delivered today. Drawing

strength from our differences, we re innovating for the future. And you can, too.

Our flexible work environment provides you a chance to change the world without giving up

your personal life. We put our customers first exemplified by our mission: We Protect Those

Who Protect Us. Sound like a team you want to be a part of? Come build your career with

BAE Systems.

In Command, Control, Communications, Computers, Intelligence, Surveillance, and

Reconnaissance (C4ISR) Systems, you ll help develop systems that sense, control, exploit and

disseminate actionable information to warfighters supporting a variety of missions.

BAE Systems is looking for a Senior Principal Cyber Systems Engineer. The qualified candidate will be leading the cyber systemsengineering activities in a rapiddevelopment environment supporting the specification, development, and application of computer security technologies, cybersecurity and information assurance management techniques to DoD systems.

While the program efforts are in Greenlawn New York, this position can also be filled from an office in southern New Hampshire.

Because this role involves a combination of collaborative/in-person and independent

work, it will take the form of a hybrid work format, with time split between working

onsite and remotely.

This position may require business travel in support of customer meetings, product demonstration, Integration and/or systems testing.

In this role, you will:

• Lead traditional systems engineering tasks such as requirements development and allocation, cyber design engineering, cyber implementation engineering, and Verification and Validation

• Lead Assessment and Authorization (A&A) activities for DoD Systems in accordance with Risk Management Framework

• Support offensive architecture analysis and design of defense-in-depth solutions

• Support Development Security Operations (DevSecOps) integration

• Develop and assess system security plans including, security concepts of operation, risk management, security control traceability matrix, security test procedures, and plan of action and milestones

• Conduct and analyze vulnerability assessments to validate system compliance with RMF controls and DISA Security Technical Information Guidelines (STIG)

• Analyze static and dynamic code scans to validate Application Security and Development STIG compliance

Who You Are:

• You re constantly updating your to-do list and planning ahead

• You re able to concisely explain complex subjects in person and in email

• You re always anticipating your customers needs, working to exceed their expectations

• You re a good judge of how long projects take to complete, and always alert others if things get off track

Keywords: Cyber, security, vulnerability, STIG, RMF, Risk Management Framework, A&A, Assessment and Authorization, threat modeling, offensive, attack vector, defense-in-depth, DevSecOps, DSO, CI/CD, Pipeline, Containerization, AWS Cloud, Kubernetes, MBSE, Attack Vector, Attack Surface, Resilience, Survivability

Required Education, Experience, & Skills

• Bachelor of Science degree in a Cyber, Systems, Software, Electrical, Mechanical or similarly related engineering/technical discipline; and 12 year(s) related experience or equivalent experience, training and/or certifications

• Strong systems engineering skills, interpersonal skills, and the ability to effectively build and lead teams

• US Citizenship with an Active Secret security clearance

• CompTIA Security or equivalent certification

Preferred Education, Experience, & Skills

• Motivated self-starter with good problem-solving skills, judgment, and analytical capability

• Expertise in vulnerability assessment, control allocation and risk mitigation

• Demonstrated expertise in national Cybersecurity policies, DoD A&A processes and procedures and industry best practices on complex systems

• Other cyber certifications (CISSP-ISSAP, CISSP-ISSEP, CCSP, CEH, OSCP, etc.)

• Extensive experience with traditional A&A tools: ACAS Nessus, SCAP Scanner, STIG Viewer

• Understanding of offensive security tactics, techniques and procedures

• Experience with Cyber Failure Mode, Effects, and Criticality Analysis (FMECA)

• Experience writing proposals with innovative cost-effective solutions and cost activities

• Experience with offensive architecting, threat modeling and attack vector analysis

• Ability to negotiate effectively with higher level managers, functional managers, customers, industry partners, and teammates

• Demonstrated leadership skills (supervisory experience, building teams, building customer relationships)

• Working knowledge of Earned Value Management System (EVMS) systems and Project management tools such as Cost Performance Index (CPI) and Integrated Master Schedule (IMS)

• Experience with leading and coordinating security test events to achieve accreditation milestones

• Experience with verifying and validating vulnerability resolutions and/or mitigations

• Experience with Attack and Threat modeling

• Strong mentoring skills

• Good planning and organizational skills

• Strong oral and written communications skills

Pay Information

Full-Time Salary Range: $142205 - $241749

Please note: This range is based on our market pay structures. However, individual salaries are determined by a variety of factors including, but not limited to: business considerations, local market conditions, and internal equity, as well as candidate qualifications, such as skills, education, and experience.

Employee Benefits: At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being. Regular employees scheduled to work 20 hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and accident insurance. We also have an employee assistance program, a legal plan, and other perks including discounts on things like home, auto, and pet insurance. Our leave programs include paid time off, paid holidays, as well as other types of leave, including paid parental, military, bereavement, and any applicable federal and state sick leave. Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards. Other incentives may be available based on position level and/or job specifics.

Senior Cyber Systems Engineer Hybrid

111016BR

EEO Career Site Equal Opportunity Employer. Minorities . females . veterans . individuals with disabilities . sexual orientation . gender identity . gender expression