Cybersecurity Compliance Analyst- Remote Opening
Salary undisclosed
Apply on
Availability Status
This job is expected to be in high demand and may close soon. We’ll remove this job ad once it's closed.
Original
Simplified
Job Description
This role is a part of the BAE Systems' IT Delivery Cyber Compliance team and will collaborate with BAE Systems IT teams and our business sector teams to provide guidance on compliant solutions across various project types and technologies.
The primary purpose and function of this role is to assist the Design Authority (DA) team to evaluate proposed solutions for IT deficiencies, verify, and validate final solution artifacts included with the Sector information system/environment Plan of Action and Milestones (POAMs) and Return-to-Green (RTGs) as outlined in the existing 902-100 BAE Systems Cybersecurity Control Standard (informed by NIST SP 800-53), and Sector Information System/Environment System Security Plans (SSPs), and special security control requirements/processes assessed by BAE Systems.
The role of the Cybersecurity Compliance Analyst is designed to directly support corporate-wide Cyber Security compliance initiatives in collaboration with other Cyber Security Domain & Solution Architects. The role is expected to provide thought leadership for CMMC Cyber Security Standards and BAE Systems Cyber Security Standards, polices and directives at an enterprise level focused on efficiency and repeatable standard solutions.
The ideal candidate will have experience establishing cyber compliant enterprise solutions within a large organization with adherence to DoD standards such as NIST RMF, 800-53, 800-171, CMMC and ITAR. The candidate is responsible for establishing enterprise-level cyber design standards, providing guidance on implementation of controls, and review of remediation solutions across the organization. Additionally, the resource will author guidance, process documents and templates for system owners' to meet cyber security requirements. This position works closely with the Cyber Assurance Team, Engineering Teams and Service Delivery Organizations to consult on application of cyber security standards and auditable artifacts.
Job responsibilities include, but not limited to:
Required Education, Experience, & Skills
Preferred Education, Experience, & Skills
Pay Information
Full-Time Salary Range: $103590 - $176130
Please note: This range is based on our market pay structures. However, individual salaries are determined by a variety of factors including, but not limited to: business considerations, local market conditions, and internal equity, as well as candidate qualifications, such as skills, education, and experience.
Employee Benefits: At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being. Regular employees scheduled to work 20+ hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and accident insurance. We also have an employee assistance program, a legal plan, and other perks including discounts on things like home, auto, and pet insurance. Our leave programs include paid time off, paid holidays, as well as other types of leave, including paid parental, military, bereavement, and any applicable federal and state sick leave. Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards. Other incentives may be available based on position level and/or job specifics.
About BAE Systems, Inc.
BAE Systems, Inc. is the U.S. subsidiary of BAE Systems plc, an international defense, aerospace and security company which delivers a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. Improving the future and protecting lives is an ambitious mission, but it's what we do at BAE Systems. Working here means using your passion and ingenuity where it counts - defending national security with breakthrough technology, superior products, and intelligence solutions. As you develop the latest technology and defend national security, you will continually hone your skills on a team-making a big impact on a global scale. At BAE Systems, you'll find a rewarding career that truly makes a difference.
Our Commitment to Diversity, Equity, and Inclusion:
At BAE Systems, we work hard every day to nurture an inclusive culture where employees are valued and feel like they belong. We are conscious of the need for all employees to see themselves reflected at every level of the company and know that in order to unlock the full potential of our workforce, everyone must feel confident being their best, most sincere self and be equipped to thrive. We provide impactful professional development experiences to our employees and invest in social impact partnerships to uplift communities and drive purposeful change. Here you will find significant opportunities to do meaningful work in an environment intentionally designed to be one where you will learn, grow and belong.
This role is a part of the BAE Systems' IT Delivery Cyber Compliance team and will collaborate with BAE Systems IT teams and our business sector teams to provide guidance on compliant solutions across various project types and technologies.
The primary purpose and function of this role is to assist the Design Authority (DA) team to evaluate proposed solutions for IT deficiencies, verify, and validate final solution artifacts included with the Sector information system/environment Plan of Action and Milestones (POAMs) and Return-to-Green (RTGs) as outlined in the existing 902-100 BAE Systems Cybersecurity Control Standard (informed by NIST SP 800-53), and Sector Information System/Environment System Security Plans (SSPs), and special security control requirements/processes assessed by BAE Systems.
The role of the Cybersecurity Compliance Analyst is designed to directly support corporate-wide Cyber Security compliance initiatives in collaboration with other Cyber Security Domain & Solution Architects. The role is expected to provide thought leadership for CMMC Cyber Security Standards and BAE Systems Cyber Security Standards, polices and directives at an enterprise level focused on efficiency and repeatable standard solutions.
The ideal candidate will have experience establishing cyber compliant enterprise solutions within a large organization with adherence to DoD standards such as NIST RMF, 800-53, 800-171, CMMC and ITAR. The candidate is responsible for establishing enterprise-level cyber design standards, providing guidance on implementation of controls, and review of remediation solutions across the organization. Additionally, the resource will author guidance, process documents and templates for system owners' to meet cyber security requirements. This position works closely with the Cyber Assurance Team, Engineering Teams and Service Delivery Organizations to consult on application of cyber security standards and auditable artifacts.
Job responsibilities include, but not limited to:
- Lead internal cybersecurity information technology reviews designed to directly support corporate-wide Cyber Security compliance initiatives in collaboration with other Cybersecurity Compliance Analysts.
- Conduct efficient and effective reviews, evaluation and provide input on how the proposed solutions and final artifacts adhere to key control domains based on the BAE Systems Cyber Security Standards, polices and directives at an enterprise level.
- Evaluate the design and operational effectiveness of IT controls and determine exposure to risk. Assist with providing guidance to remediate identified security and control risks.
- Facilitate compliance reviews to increase awareness and knowledge of compliance requirements and identifying ways to streamline or improve the control environment without increasing overall risk.
- Communicate complex technical issues in simplified terms to the relevant teams and stakeholders
- Help to define common workflows, automations, templates, inheritable cyber services, and execution value streams that enable sustainable compliance across the enterprise.
- Provide inputs to strategic cyber roadmaps with a focus on innovation and continuous improvement. Evaluate the latest industry trends in cyber security and bring those into the enterprise as applicable.
Required Education, Experience, & Skills
- Bachelor's Degree and 10 years' work experience or equivalent experience.
- At least 8 years of experience in information technology auditing, combined audit/IT audit, or relevant information security or information technology roles.
- Well-rounded IT audit experience, with Big Four external IT audit experience preferred.
- Strong attention to detail with an analytical mind on IT processes and outstanding problem-solving skills.
- Experience with continuous process improvement, innovative governance, risk and compliance solutions.
- Solid understanding of information security frameworks and IT audit methodologies.
- Data Analysis experience
Preferred Education, Experience, & Skills
- Proficient with a broad knowledge of IT operations and technologies such as Network Infrastructure technologies (WAN/MAN/LAN), Cybersecurity, Active Directory, Backup & Recovery, Data Center, Operating Systems, Virtualization Services, SDLC and Change Management.
- IT application experience (SAP, Oracle, PeopleSoft and Costpoint).
- 5 years of audit project management experience.
- Certification in one or more of the following:
- Certified Information Systems Auditor (CISA)
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- Certificate of Cloud Security Knowledge (CCSK)
- Understanding of industry standards including ISO27001, ISO 20K, NIST 800-53, NIST 800-171, PCI DSS, HIPAA, GDP)
Pay Information
Full-Time Salary Range: $103590 - $176130
Please note: This range is based on our market pay structures. However, individual salaries are determined by a variety of factors including, but not limited to: business considerations, local market conditions, and internal equity, as well as candidate qualifications, such as skills, education, and experience.
Employee Benefits: At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being. Regular employees scheduled to work 20+ hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and accident insurance. We also have an employee assistance program, a legal plan, and other perks including discounts on things like home, auto, and pet insurance. Our leave programs include paid time off, paid holidays, as well as other types of leave, including paid parental, military, bereavement, and any applicable federal and state sick leave. Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards. Other incentives may be available based on position level and/or job specifics.
About BAE Systems, Inc.
BAE Systems, Inc. is the U.S. subsidiary of BAE Systems plc, an international defense, aerospace and security company which delivers a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. Improving the future and protecting lives is an ambitious mission, but it's what we do at BAE Systems. Working here means using your passion and ingenuity where it counts - defending national security with breakthrough technology, superior products, and intelligence solutions. As you develop the latest technology and defend national security, you will continually hone your skills on a team-making a big impact on a global scale. At BAE Systems, you'll find a rewarding career that truly makes a difference.
Our Commitment to Diversity, Equity, and Inclusion:
At BAE Systems, we work hard every day to nurture an inclusive culture where employees are valued and feel like they belong. We are conscious of the need for all employees to see themselves reflected at every level of the company and know that in order to unlock the full potential of our workforce, everyone must feel confident being their best, most sincere self and be equipped to thrive. We provide impactful professional development experiences to our employees and invest in social impact partnerships to uplift communities and drive purposeful change. Here you will find significant opportunities to do meaningful work in an environment intentionally designed to be one where you will learn, grow and belong.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
Report this job Similar Jobs
