More jobs:
IT Security Specialist - ISSO - Information Systems Security Off Security Clearance
Job in
Maple Grove, Hennepin County, Minnesota, 55311, USA
Listed on 2026-01-07
Listing for:
BAE Systems
Full Time
position Listed on 2026-01-07
Job specializations:
-
IT/Tech
Cybersecurity, Information Security
Job Description & How to Apply Below
Job Description How does it feel to work on a team driven to make a big impact? Empowering. At BAE Systems, our teams are the root of our success in delivering life-saving products to our nation's military. We are hiring an IT Security Specialist to serve as the Information Systems Security Officer-ISSO. The ISSO will be responsible for ensuring the security and integrity of our organization's information systems and data.
The ideal candidate will have a strong technical background and a passion for information security. In this job, you will be responsible for:
* System Security Oversight:
Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures outlined in the security plan.
* Program Implementation:
Verify the implementation of delegated aspects of the system security program.
* Account Management:
Ensure proper account management documentation is completed prior to adding and deleting system accounts.
* Documentation Management:
Verify all system security documentation is current and accessible to properly authorized individuals.
* Risk Assessment and Mitigation:
Conduct periodic assessments of authorized systems, identify vulnerabilities, and provide corrective actions to the Information System Security Manager - ISSM.
* Audit and Compliance:
Ensure audit records are collected and analyzed in accordance with the security plan.
* Incident Response:
Report all security-related incidents to the ISSM.
* System Recovery:
Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly.
* Change Management:
Formally notify the ISSM of any changes to a system that could affect authorization.
* Configuration Control:
Serve as a member of the Configuration Control Board (CCB), if designated by the ISSM. Expanded responsibilities to choose from:
* Security Policy and Compliance
* Conduct regular reviews and updates of security policies to ensure they remain relevant and effective.
* Collaborate with stakeholders to ensure that security policies are aligned with organizational goals and objectives.
* Provide guidance and training to employees on security policies and procedures. Risk Management
* Identify, assess, and mitigate potential security risks to the organization's information systems and data.
* Conduct risk assessments and threat modeling to identify potential vulnerabilities and threats.
* Develop and implement risk mitigation plans to address identified risks.
* Monitor and review risk mitigation plans to ensure they are effective. System Security
* Ensure the security and integrity of information systems, including networks, servers, workstations, and applications.
* Conduct regular security assessments and vulnerability scans to identify potential vulnerabilities.
* Implement security controls, such as firewalls, intrusion detection systems, and access controls.
* Collaborate with IT teams to ensure that security is integrated into the system development lifecycle. Incident Response
* Develop and implement incident response plans to respond to security incidents, including data breaches and system compromises.
* Identify and classify security incidents and activate incident response plans as needed.
* Collaborate with incident response teams to contain and mitigate incidents.
* Conduct post-incident reviews to identify lessons learned and areas for improvement. Vulnerability Management
* Execute the continuous monitoring strategy.
* Identify and remediate vulnerabilities in information systems and applications.
* Conduct regular vulnerability scans and penetration testing to identify potential vulnerabilities.
* Develop and implement vulnerability remediation plans to address identified vulnerabilities.
* Collaborate with IT teams to ensure that vulnerabilities are remediated in a timely and effective manner. Security Awareness and Training
* Develop and implement security awareness and training programs for employees and contractors.
* Provide regular security training and awareness programs to educate employees on security best practices.
* Collaborate with HR and training teams to ensure that security training is integrated into employee onboarding and ongoing training programs. Audit and Compliance
* Ensure user activity monitoring data is analyzed, stored, and protected in accordance with policies and procedures.
* Coordinate with internal and external auditors to ensure compliance with security policies, procedures, and regulatory requirements.
* Conduct regular security audits and assessments to identify potential security risks and vulnerabilities.
* Develop and implement audit and compliance plans to address identified risks and vulnerabilities. Technical Security
* Provide technical security expertise, including threat analysis, vulnerability assessment, and penetration testing.
* Collaborate with IT teams to ensure that security is integrated into the system development…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×