Sr. ISSE
3 months ago
Sterling Heights, Michigan, United States
BAE Systems
Full time
Job Description
As a senior member of the Vulnerability Management and Assessment Team (VMAT), you will be part of a fast-paced team functioning as a SME in Security Assessments and Engineering, supporting CISA in safeguarding systems and networks across multiple environments.
You bring the following to the team.
- Expertise in security engineering, system and network security, authentication and security protocols, cryptography, and application security
- Experience using and deploying vulnerability scanning and testing tools such as Burp suite, Rapid7 InsightVM, Tenable Nessus, Web Inspect, Net Sparker, DB Protect, App Detective, Prisma Cloud, Core Impact, Microsoft Defender, AWS Security Hub, AWS Inspector, Code DX and similar platforms
- Experience analyzing and testing vulnerabilities, establishing cause and impact, and identifying corrective actions to eliminate and prevent the event from happening in the future
- Experience in vulnerability and assessment validations in various environments such as development, staging, and production
- Experience using various cloud environments such as Amazon Web Services, Azure, and/or Google Cloud
- Experience with system administration in Windows and/or Linux
- Purple Team capabilities and expertise (Blue - defensive and Red - offensive)
- Experience setting up and conducting extensive vulnerability and compliance assessment scans against a variety of unique target environments (e.g., development, staging, production, on-premise, cloud, and virtual)
- Manage and maintain scans across host operating system, web, database, cloud, and application-specific platforms
- Ability to identify DISA STIGs or best practices applicable for assessment and weekly scans
- Ability to provide guidance and support regarding the remediation of vulnerability and compliance findings
Required Education, Experience, & Skills
Bachelor's Degree with 7 years related experience including cloud security
OR
10 total years of experience in Information Assurance, and IT Security including cloud security.
Obtain and maintain an IAT Level III baseline certification within (90) days of hire.
Your roles, skills, and activities will include the following.
- Build out scan policies, active scan jobs, asset lists, credentials, and onboard assets for scanning
- Conduct assessments and audits to identify weaknesses and security gaps
- Conduct in-depth security validation assessment assignments in response to new deployments and significant changes to environments
- Conduct quick security validation assessment assignments in response to availability of new audit file or non-significant change to a pre-existing system
- Identify, evaluate, validate, manage, test, and report on vulnerabilities
- Provide solutions to gaps in security posture
- Serve as a security SME across different domains
- Build and deliver detailed reporting deliverables from scans and assessments to stakeholders
- Respond to ad hoc requests and high-priority government tasks
- Conduct discovery scanning and have awareness of IP CIDR ranges, ports, protocols, source, and destination distinctions
- Deploy and maintain the latest approved DISA and commercially recognized audit files across FISMA systems
- Perform manual assessment of DISA STIGs on systems undergoing assessment and audit
- Support triaging efforts to determine root cause of detected issues or findings across various systems
- Troubleshoot and provide corrective guidance for scan issues such as host configurations, credentials, network blocks, and scanner accessibility
- Maintain target asset lists across all security tools ensuring alignment with system inventory
- Validate false positive and true positive submissions by analysis and vetting of artifacts and justifications
- Maintain and recommend improvements to security tools testing suite
- Provide support during ATO, penetration tests, and other auditing efforts
- Conduct risk analyses on CVEs, plugins, CWEs, KEVs, etc.
- Perform weekly scanning of systems in continuous monitoring and provide accurate scan results
- Build and maintain various tool-specific dashboards to support system vulnerability and compliance remediation efforts
- Participate in Agile planning events as a representative of the VMAT team.
- Conduct research, evaluation, and testing and provide technical input and recommendation regarding new security software and testing tools or devices for procurement
- Provide expertise in implementation of technical security controls in government cloud environments (cloud security experience required)
Preferred Education, Experience, & Skills
Desired Certifications: CISSP, CCSP, CEH, AWS-SEC, MCASEA
Required Clearance: Secret
Pay Information
Full-Time Salary Range: $ $215270
Please note: This range is based on our market pay structures. However, individual salaries are determined by a variety of factors including, but not limited to: business considerations, local market conditions, and internal equity, as well as candidate qualifications, such as skills, education, and experience.
Employee Benefits: At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being. Regular employees scheduled to work 20+ hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and accident insurance. We also have an employee assistance program, a legal plan, and other perks including discounts on things like home, auto, and pet insurance. Our leave programs include paid time off, paid holidays, as well as other types of leave, including paid parental, military, bereavement, and any applicable federal and state sick leave. Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards. Other incentives may be available based on position level and/or job specifics.
About BAE Systems Intelligence & Security
BAE Systems, Inc. is the U.S. subsidiary of BAE Systems plc, an international defense, aerospace and security company which delivers a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. Improving the future and protecting lives is an ambitious mission, but it's what we do at BAE Systems. Working here means using your passion and ingenuity where it counts – defending national security with breakthrough technology, superior products, and intelligence solutions. As you develop the latest technology and defend national security, you will continually hone your skills on a team—making a big impact on a global scale. At BAE Systems, you'll find a rewarding career that truly makes a difference.
Intelligence & Security (I&S), based in McLean, Virginia, designs and delivers advanced defense, intelligence, and security solutions that support the important missions of our customers. Our pride and dedication shows in everything we do—from intelligence analysis, cyber operations and IT expertise to systems development, systems integration, and operations and maintenance services. Knowing that our work enables the U.S. military and government to recognize, manage and defeat threats inspires us to push ourselves and our technologies to new levels.
Our Commitment to Diversity, Equity, and Inclusion:
At BAE Systems, we work hard every day to nurture an inclusive culture where employees are valued and feel like they belong. We are conscious of the need for all employees to see themselves reflected at every level of the company and know that in order to unlock the full potential of our workforce, everyone must feel confident being their best, most sincere self and be equipped to thrive. We provide impactful professional development experiences to our employees and invest in social impact partnerships to uplift communities and drive purposeful change. Here you will find significant opportunities to do meaningful work in an environment intentionally designed to be one where you will learn, grow and belong.