Information Security Engineer, Staff

Chantilly, Virginia


Employer: NuWave Solutions
Industry: Cyber Security
Salary: Competitive
Job type: Full-Time

Overview

BigBear.ai is seeking an Information Systems Security Manager (ISSM). The ISSM is responsible for the cybersecurity of a program, organization, system, or enclave and will report directly to the BigBear.ai Chief Information Security Officer (CISO).

Onsite 2-5 days a week in Chantilly, VA. The number of days onsite will vary depending on the week.



What you will do

  • Acquire and manage the necessary resources, including leadership support, financial resources, and key security personnel, to support information technology (IT) security goals and objectives and reduce overall organizational risk.
  • Advise senior management (e.g., CISO, CIO) on risk levels and security posture.
  • Advise appropriate senior leadership or Authorizing Official of changes affecting the organization's cybersecurity posture.
  • Collect and maintain data needed to meet system cybersecurity reporting.
  • Communicate the value of information technology (IT) security to stakeholders at all levels of the organization for the relevant enclave(s).
  • Ensure that security improvement actions are evaluated, validated, and implemented as required.
  • Ensure that cybersecurity inspections, tests, and reviews are coordinated for the network environment.
  • Ensure that cybersecurity requirements are integrated into the continuity planning for that system and/or organization(s).
  • Evaluate and approve development efforts to ensure that baseline security safeguards are appropriately installed.
  • Identify alternative information security strategies to address organizational security objectives.
  • Identify information technology (IT) security program implications of new technologies or technology upgrades.
  • Interpret patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise's cybersecurity program.
  • Manage the monitoring of information security data sources to maintain organizational situational awareness.
  • Oversee the information security training and awareness program.
  • Participate in an information security risk assessment during the Security Assessment and Authorization process.
  • Participate in the development or modification of the computer environment cybersecurity program plans and requirements.
  • Prepare, distribute, and maintain plans, instructions, guidance, and standard operating procedures concerning the security of network system(s) operations.
  • Provide system-related input on cybersecurity requirements to be included in statements of work and other appropriate procurement documents.
  • Recognize a possible security violation and take appropriate action to report the incident, as required.
  • Recommend resource allocations required to securely operate and maintain an organization's cybersecurity requirements.
  • Supervise or manage protective or corrective measures when a cybersecurity incident or vulnerability is discovered.
  • Track audit findings and recommendations to ensure that appropriate mitigation actions are taken.
  • Promote awareness of security issues among management and ensure sound security principles are reflected in the organization's vision and goals.
  • Oversee policy standards and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies.
  • Identify security requirements specific to an information technology (IT) system in all phases of the system life cycle.
  • Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
  • Assure successful implementation and functionality of security requirements and appropriate information technology (IT) policies and procedures that are consistent with the organization's mission and goals.
  • Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).


  • Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance.



What you need to have

  • Bachelor's Degree and 2 to 5 years of experience; or
  • Master's Degree and 0 to 3 years of experience; or
  • In lieu of a degree, 8 to 10 years additional experience
  • Clearance: must possess and maintain an active Top Secret clearance
  • Knowledge of applicable laws, statutes (e.g., in Titles 10, 18, 32, 50 in U.S. Code), Presidential Directives, executive branch guidelines, and/or administrative/criminal legal guidelines and procedures.
  • Experience working with NIST 800-53 and NIST RMF
  • Knowledge of laws, policies, procedures, or governance relevant to cybersecurity for national security systems.
  • Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • Knowledge of measures or indicators of system performance and availability
  • Skill in creating policies that reflect system security objectives.
  • Knowledge of information technology (IT) supply chain security and supply chain risk management policies, requirements, and procedures.
  • Knowledge of new and emerging information technology (IT) and cybersecurity technologies.
  • Knowledge of current and emerging threats/threat vectors.
  • Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).
  • Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
  • Understanding of threats to Cleared facilities
  • Understanding of Safeguarding and Handling Procedures for classified information
  • Knowledge of what constitutes a network attack and a network attack's relationship to both threats and vulnerabilities.
  • Knowledge of penetration testing principles, tools, and techniques.
  • Understanding of Continuous Security Monitoring


What we'd like you to have

  • TOP SECRET/SCI with poly
  • Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.
  • Knowledge of network traffic analysis methods.
  • Knowledge of server and client operating systems.
  • Knowledge of the organization's enterprise information technology (IT) goals and objectives.
  • Experience implementing DISA STIGs
  • Experience working as an ISSM for a federal contract


About BigBear.ai

BigBear.ai is a leading provider of AI-powered decision intelligence solutions for national security, supply chain management, and digital identity. Customers and partners rely on BigBear.ai’s predictive analytics capabilities in highly complex, distributed, mission-based operating environments. Headquartered in Columbia, Maryland, BigBear.ai is a public company traded on the NYSE under the symbol BBAI. For more information, visit https://bigbear.ai/ and follow BigBear.ai on LinkedIn: @BigBear.ai and X: @BigBearai.


Created: 2024-08-22
Reference: 3858
Country: United States
State: Virginia
City: Chantilly

