Intermediate Information Assurance Officer

Company: BAE Systems Information Technology Location: MA 02420 Job Category: IT/Software Development View this video View our Career Video Length: 2:39 min BAE Systems is the premier global defense and aerospace company delivering a full range of products and services for air, land and naval forces, as well as advanced electronics, information technology solutions and customer support services. With 97,500 employees worldwide, BAE Systems' sales exceeded $31.4 billion in 2007.BAE Systems Information Technology is one of the largest IT providers to the U.S. Government with over 5,000 employees in 30 states. As a full-service solutions provider our programs enable the mission and span the life cycle by providing capabilities that support: Enterprise Architecture; Network Systems Management; Information Delivery; Mission Specific Applications Development; Managed IT; and Mission Critical Intelligence Analysis. The person responsible to the IAM for ensuring that operational security is maintained for a specific IS. Specific responsibilities include, but are not limited to the following:Develop and maintain a formal IS security programImplement and enforce IS security policiesOversee al IS users to ensure they follow established IS polices and proceduresReview weekly bulletins and advisories, including Computer Emergency Response Teams (CERT) bulletins, that impact security of site information systems to include, USCERT, Air Force (AF) AFCERT, Information Assurance Vulnerability Alert (IAVA), and Defense Information Systems Agency (DISA), Automated Systems Security Incident Support Team (ASSIST) bulletinsEnsure that periodic testing is conducted to evaluate the security posture of the ISsWork with the CPSO to ensure the development of system accreditation/certification documentation by reviewing and endorsing such documentation and recommending action to the DAA Rep.Ensure approved procedures are in place for clearing, purging, declassifying, and releasing system memory, media, and output.Maintain, as required by the DAA Rep, a repository for all system accreditation/certification documentation and modifications.Coordinate IS security inspections, tests, and reviews.Investigate and report (to the DAA/DAA rep and local management) security violations and incidents, as appropriate.Ensure proper protection and corrective measures have been taken when an IS incident or vulnerability has been discovered.Ensure data ownership and responsibilities are established for each IS, to include accountability, access, and special handling requirements.Ensure development and implementation of an effective IS security education, training, and awareness program.Ensure development and implementation of procedures IAW configuration management (CM) policies and procedures for authorizing the use of hard ware/software on an IS. Any additions, changes, or modifications to hardware, software, or firmware must be coordinated with the appropriate approving authority prior to the addition, change, or modification. Develop procedures for responding to security incidents, and for investigating and reporting (to the DAA Rep and to local management) security violations and incidents, as appropriate.Serve as a member of the configuration management board, where on exists.Working knowledge of system functions, security policies, technical security safeguards, and operational security measures.Access only that data, control information, software, hardware, and firmware for which the are authorized access and have a need-to-know, and assume only those roles and privileges for which they are authorized.Ensure warning banners are placed on all monitors and appear when a user accesses a system.Ensure system recovery processes are monitored and that security features and procedures are properly restored.Ensure all IS security-related documentation is current and accessible to properly authorized individuals.Formally notify the CPSO and the DAA Rep when a system no longer processes classified information.Formally notify the CPSO and the DAA Rep when changes occur that might affect accreditation/certification.Ensure system security requirements are addressed during all phases of the system life cycle.Develop procedures IAW CM policies and procedures, for authorizing software use prior to its implementation on a system. Any changes RequiredProficient in Microsoft Project, Access, PowerPoint, Excel, Word, Form Flow, and web-based applications required.11+ Years with HS or 7+ Years with AA or 5+ Years with BS or 2+ Years with MS or 0+ Years with PhDExcellent communications skills, both verbal and written Must be organized and have strong attention to detail Familiarity of general knowledge of security regulations:AFI 33-202, Network and Computer SecurityJAFAN 6/3, Protecting Special Access Program Information within Information SystemsDCID 6/3, Protection Sensitive Compartmented Information Within Information Systems. People are the greatest asset in any Company ...BAE Systems is committed to a high performance culture and provides an environment that challenges our employees to be remarkable and obtain their full potential.We are an EEO/Affirmative Action Employer that understands the value of diversity and its impact on a high performance culture.Join us ... To Apply for this position, please CLICK HERE Learn about BAE Systems  |  View all BAE Systems opportunities  |