Sr. ISSE (Vulnerability Management)

Sorry, this job was removed at 03:57 p.m. (CST) on Monday, Aug 05, 2024
Pensacola, FL
Hybrid
127K-215K Annually
7+ Years Experience
Aerospace • Hardware • Information Technology • Security • Software • Cybersecurity • Defense
Where purpose connects.
The Role

Job Description
As a senior member of the Vulnerability Management and Assessment Team (VMAT), you will be part of a fast-paced team functioning as a SME in Security Assessments and Engineering, supporting CISA in safeguarding systems and networks across multiple environments. You bring the following to the team.

  • Expertise in security engineering, system and network security, authentication and security protocols, cryptography, and application security
  • Experience using and deploying vulnerability scanning and testing tools such as Burp Suite, Rapid7 InsightVM, Tenable Nessus, WebInspect, Netsparker, DbProtect, AppDetective, Prisma Cloud, Core Impact, Microsoft Defender, AWS Security Hub, AWS Inspector, Code Dx and similar platforms
  • Experience analyzing and testing vulnerabilities, establishing cause and impact, and identifying corrective actions to eliminate and prevent the event from happening in the future
  • Experience in vulnerability and assessment validations in various environments such as development, staging, and production
  • Experience using various cloud environments such as Amazon Web Services, Azure, and/or Google Cloud
  • Experience with system administration in Windows and/or Linux
  • Purple Team capabilities and expertise (Blue - defensive and Red - offensive)
  • Experience setting up and conducting extensive vulnerability and compliance assessment scans against a variety of unique target environments (e.g., development, staging, production, on-premise, cloud, and virtual)
  • Manage and maintain scans across host operating system, web, database, cloud, and application-specific platforms
  • Ability to identify DISA STIGs or best practices applicable for assessment and weekly scans
  • Ability to provide guidance and support regarding the remediation of vulnerability and compliance findings


Required Education, Experience, & Skills
Bachelor's Degree with 7 years related experience including cloud security
OR
10 total years of experience in Information Assurance and IT Security, including cloud security.
Obtain and maintain an IAT Level III baseline certification within (90) days of hire.
Your roles, skills, and activities will include the following.

  • Build out scan policies, active scan jobs, asset lists, credentials, and onboard assets for scanning
  • Conduct assessments and audits to identify weaknesses and security gaps
  • Conduct in-depth security validation assessment assignments in response to new deployments and significant changes to environments
  • Conduct quick security validation assessment assignments in response to the availability of a new audit file or a non-significant change to a pre-existing system
  • Identify, evaluate, validate, manage, test, and report on vulnerabilities
  • Provide solutions to gaps in security posture
  • Serve as a security SME across different domains
  • Build and deliver detailed reporting deliverables from scans and assessments to stakeholders
  • Respond to ad hoc requests and high-priority government tasks
  • Conduct discovery scanning and have awareness of IP CIDR ranges, ports, protocols, source, and destination distinctions
  • Deploy and maintain the latest approved DISA and commercially recognized audit files across FISMA systems
  • Perform manual assessment of DISA STIGs on systems undergoing assessment and audit
  • Support triaging efforts to determine root cause of detected issues or findings across various systems
  • Troubleshoot and provide corrective guidance for scan issues such as host configurations, credentials, network blocks, and scanner accessibility
  • Maintain target asset lists across all security tools ensuring alignment with system inventory
  • Validate false positive and true positive submissions by analysis and vetting of artifacts and justifications
  • Maintain and recommend improvements to security tools testing suite
  • Provide support during ATO, penetration tests, and other auditing efforts
  • Conduct risk analyses on CVEs, plugins, CWEs, KEVs, etc.
  • Perform weekly scanning of systems in continuous monitoring and provide accurate scan results
  • Build and maintain various tool-specific dashboards to support system vulnerability and compliance remediation efforts
  • Participate in Agile planning events as a representative of the VMAT team
  • Conduct research, evaluation, and testing and provide technical input and recommendation regarding new security software and testing tools or devices for procurement
  • Provide expertise in implementation of technical security controls in government cloud environments (cloud security experience required)


Preferred Education, Experience, & Skills
CISSP, CCSP, CEH, AWS-SEC, MCASEA
Secret
Pay Information
Full-Time Salary Range: $126,610 - $215,270
Please note: This range is based on our market pay structures. However, individual salaries are determined by a variety of factors including, but not limited to: business considerations, local market conditions, and internal equity, as well as candidate qualifications, such as skills, education, and experience.
Employee Benefits: At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being. Regular employees scheduled to work 20+ hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and accident insurance. We also have an employee assistance program, a legal plan, and other perks including discounts on things like home, auto, and pet insurance. Our leave programs include paid time off, paid holidays, as well as other types of leave, including paid parental, military, bereavement, and any applicable federal and state sick leave. Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards. Other incentives may be available based on position level and/or job specifics.
About BAE Systems Intelligence & Security
BAE Systems, Inc. is the U.S. subsidiary of BAE Systems plc, an international defense, aerospace and security company which delivers a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. Improving the future and protecting lives is an ambitious mission, but it's what we do at BAE Systems. Working here means using your passion and ingenuity where it counts - defending national security with breakthrough technology, superior products, and intelligence solutions. As you develop the latest technology and defend national security, you will continually hone your skills on a team making a big impact on a global scale. At BAE Systems, you'll find a rewarding career that truly makes a difference.
Intelligence & Security (I&S), based in McLean, Virginia, designs and delivers advanced defense, intelligence, and security solutions that support the important missions of our customers. Our pride and dedication show in everything we do, from intelligence analysis, cyber operations and IT expertise to systems development, systems integration, and operations and maintenance services. Knowing that our work enables the U.S. military and government to recognize, manage and defeat threats inspires us to push ourselves and our technologies to new levels.
Our Commitment to Diversity, Equity, and Inclusion:
At BAE Systems, we work hard every day to nurture an inclusive culture where employees are valued and feel like they belong. We are conscious of the need for all employees to see themselves reflected at every level of the company and know that in order to unlock the full potential of our workforce, everyone must feel confident being their best, most sincere self and be equipped to thrive. We provide impactful professional development experiences to our employees and invest in social impact partnerships to uplift communities and drive purposeful change. Here you will find significant opportunities to do meaningful work in an environment intentionally designed to be one where you will learn, grow and belong.

The Company
HQ: Falls Church, VA
35,000 Employees
Hybrid Workplace
Year Founded: 1999

What We Do

Improving the future and protecting lives is an ambitious mission, but it’s what we do. As a leading aerospace, defense, and security company, we work together to deliver a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support services.

How we work is rooted in purpose – a purpose to protect those who protect us, to unite our community of colleagues and customers, and to drive forward the growth and development of our exceptional team members. It's where purpose connects.

Why Work With Us

We believe your career should be filled with innovation and discovery. And that's exactly what you'll find at BAE Systems. As you work to develop the latest technology and defend national security, you will continually hone your skills and expand knowledge. On a sharp and collaborative team, you will be challenged – and supported – at every turn.

BAE Systems Teams

  • Space & Mission Systems
  • Electronic Systems

BAE Systems Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

As the workplace continues to evolve, so do we. Remote and hybrid opportunities are available at BAE Systems depending on the nature of the role. Check your job requisition to learn more.

Typical time on-site: Not Specified
HQ: BAE Systems, Inc. headquarters
Annapolis Junction, MD
Austin, TX
Bristol, GB
Space & Mission Systems headquarters
Burlington, MA
Endicott, NY
Fort Wayne, IN
Honolulu, HI
Huntsville, AL
Intelligence & Security headquarters
Electronic Systems headquarters
Redmond, WA
San Diego, CA
San Jose, CA
Sterling Heights, MI
York, PA