Senior ISSE/Penetration Tester

Job Description
Break the System to Build a Stronger One
Join BAE Systems, a global leader in defense and aerospace, where your skills in offensive security protect the world's most critical infrastructure. We are looking for a Senior ISSE/Lead Penetration Tester to join a high-performing, agile team dedicated to identifying, containing, and eradicating the most sophisticated cyber threats. If you have a passion for uncovering vulnerabilities and a drive to secure Enterprise-wide systems, we want you.
As part of a team of Security Engineers you will develop and lead Security Testing Events by conducting penetration testing, publishing results, and researching penetration testing tools to enhance our overall testing capabilities. The position requires a solid understanding of security practices and policies as well as hands-on vulnerability testing experience. The selected individual will collaborate with other engineers and technical experts in providing improvements to our operational, test, integration, and development systems.
#LI-PB2
Required Education, Experience, & Skills

• Must possess a TS/SCI clearance appropriate polygraph
• At least 10 years of relevant experience with both ISSE and Penetration Testing, not just one or the other
• Must have extensive, demonstrated knowledge of and experience with common security tools, such as Nessus, NMAP and Wireshark hardware/software security implementation, communication protocol, encryption techniques/tools, and web services.
• Must have in-depth understanding and extensive experience with security practices and policies and hands-on vulnerability testing using Tenable Nessus scanning products and/or nmap (Network Mapper).
• Must have experience with Defense in Depth Principals/technology, including access control, authorization, identification and authentication, public key infrastructure, network and enterprise security architecture, and applying risk assessment methodology to system development.
• Must have experience applying Risk Management Framework.
• Must have experience formulating and assessing IT security policy.
• Must have experience with secure configurations of commonly used desktop and server operating systems.
• Must have experience with penetration testing tools.
• Must have experience developing and implementing integrated security services management processes, such as assessing and auditing network penetration testing, anti-virus planning assistance, risk analysis, and incident response.
• Must have experience providing information assurance support for application development that includes system security certifications and project evaluations for firewalls that encompass system development, design, and implementation.
• Must be comfortable working on multiple systems and components simultaneously in various configurations.
• Must be able to effectively plan and prioritize tasking and communicate clearly regarding technical options and trade-offs.
• Must be capable of performing high quality work both independently and with a team in a fast-moving environment.
• Must have strong verbal and written communications skills.
• Must be committed to adopting and adhering to best practices.

MDOPS
Preferred Education, Experience, & Skills

• Bachelor's degree or master's degree in Computer Science, Information Assurance, Information Security System Engineering, or a related discipline.
• DoD 8570 compliance with IASAE Level 2 or 3.
• Information Systems Security Engineering Professional (ISSEP) Certification and/or Computer Information Systems Security Professional (CISSP) Certification.
• Experience with scripting languages.
• Candidates with certifications in the following areas are strongly preferred:
  • GIAC Web Applications Penetration Tester (GWAPT)
  • GIAC Penetration Tester (GPEN)
  • Certified Ethical Hacker (CEH)
  • Certified Information Security Manager (CISM)
  • Certified Web Application Defender (GWEB)
  • Certified Information System Security Professional (CISSP)

Pay Information
Full-Time Salary Range: $149603 - $254317
Please note: This range is based on our market pay structures. However, individual salaries are determined by a variety of factors including, but not limited to: business considerations, local market conditions, and internal equity, as well as candidate qualifications, such as skills, education, and experience.
Employee Benefits: At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being. Regular employees scheduled to work 20+ hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and accident insurance. We also have an employee assistance program, a legal plan, and other perks including discounts on things like home, auto, and pet insurance. Our leave programs include paid time off, paid holidays, as well as other types of leave, including paid parental, military, bereavement, and any applicable federal and state sick leave. Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards. Other incentives may be available based on position level and/or job specifics.
About BAE Systems Intelligence & Security
BAE Systems, Inc. is the U.S. subsidiary of BAE Systems plc, an international defense, aerospace and security company which delivers a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. Improving the future and protecting lives is an ambitious mission, but it's what we do at BAE Systems. Working here means using your passion and ingenuity where it counts - defending national security with breakthrough technology, superior products, and intelligence solutions. As you develop the latest technology and defend national security, you will continually hone your skills on a team-making a big impact on a global scale. At BAE Systems, you'll find a rewarding career that truly makes a difference.
Intelligence & Security (I&S), based in McLean, Virginia, designs and delivers advanced defense, intelligence, and security solutions that support the important missions of our customers. Our pride and dedication shows in everything we do-from intelligence analysis, cyber operations and IT expertise to systems development, systems integration, and operations and maintenance services. Knowing that our work enables the U.S. military and government to recognize, manage and defeat threats inspires us to push ourselves and our technologies to new levels.
This position will be posted for at least 5 calendar days. The posting will remain active until the position is filled, or a qualified pool of candidates is identified.