Apply Now

Senior Principal Cyber System Engineer

San Diego, CA, USA | BAE Systems

  • Industry:
    Airlines/Aviation/Aerospace
  • Position Type:
    Full-Time
  • Functions:
    IT / Information Technology
  • Experience:
    10-12 years
Job Description:
60 people have viewed this job

BAE Systems is looking for a lead Cybersecurity/Information Assurance Engineer to work on a multi-disciplinary team in an Agile, fast-paced development environment. The qualified candidate will be working on the security engineering team leading engineering activities in a rapid development environment to support the specification, development, and application of computer security technologies, cybersecurity and information assurance management techniques for an extensible open software framework for integration of tools capable of mission data processing in a Pivotal Cloud Foundry (PCF) environment for the DoD and/or Intelligence Community. The candidate will be responsible for setting team direction and organizing efforts to accomplish a task.


Keywords: Cyber, security, vulnerability, STIG, RMF, Risk Management Framework, A&A, Assessment and Authorization, threat modeling, offensive, attack vector, penetration testing, defense-in-depth, lead, Agile, PCF


Tasks may include:

Overseeing cyber system engineering teams

Leading and coordinating Assessment and Authorization (A&A) activities for DoD and Intelligence Systems in accordance with Risk Management Framework and ICD-503 guidelines

Coordinating and negotiating with customers AOs and development teams

Conducting offensive architecture analysis and design of defense-in-depth solutions

Leading the development of system security plans including, security concepts of operation, risk management matrix, security control traceability matrix, security test procedures, and plan of action and milestones

Analyzing vulnerability assessments to validate system compliance with RMF controls and DISA Security Technical Information Guidelines (STIGS)

Leading and coordinating security test event teams to achieve accreditation milestones

Verifying and validating vulnerability resolutions and/or mitigations

Analyzing static code scans and dynamic code scans to detect software vulnerabilities

Reviewing all technical changes to determine security relevance

Supporting proposal activities, developing innovative cyber solutions and developing accurate cost estimates


This position may require business travel to customer locations in support of product demonstrations, software installation, and system testing.

Please note that pursuant to a government contract, this specific position requires US citizenship status.


Typical Education & Experience

Typically a Bachelor's Degree and 10 years work experience or equivalent experience.


Required Skills and Education

Mastery of Cybersecurity policies, DoD or Intelligence Community A&A processes and procedures and industry best practices on complex systems

Proficient in vulnerability assessment, control allocation and risk mitigation

Extensive experience with traditional A&A tools: ACAS Nessus, HBSS, Xacta, eMASS, SCAP Scanner, Fortify, WebInspect, STIG Viewer

Experience with offensive architecting, threat modeling and attack vector analysis

Experience with cloud and cross domain solution accreditations

Experience with customer/stakeholder communication, management, relationship building, and customer satisfaction

Working knowledge of Earned Value Management System (EVMS) systems and Project management tools such as Cost Performance Index (CPI) and Integrated Master Schedule (IMS)

Ability to negotiate effectively with higher level managers, functional managers, customers, industry partners, and teammates

Demonstrated leadership skills (strategic thinking, business acumen, supervisory experience, building teams, building customer relationships)

Ability to support proposal and cost activities

Strong interpersonal skills and the ability to effectively build and lead teams

Strong mentoring skills

Strong planning and organizational skills with the ability to diagnose and resolve complex problems

Strong oral and written communications skills

US Citizenship and ability to be granted a security clearance by the Federal Government


Preferred Skills and Education

ISC2 CISSP-ISSAP or CISSP-ISSEP

Other cyber certifications (CCSP, CSSLP, OSCP, OSCE, etc.)


Graduate work with a cyber-focus


Experience securing and accrediting embedded systems


Experience with Cyber Failure Mode, Effects, and Criticality Analysis (FMECA)


Other companies hiring with Ivy Exec

 Company Logos