Business Process Systems Consultant, Sr. jobs in Utah

BAE Systems is seeking an exceptional, Senior Cyber Systems Engineer for an exciting opportunity to support the Air Force (AF) acquisition of the next generation Intercontinental Ballistic Missile (ICBM).

Why BAE Systems? BAE Systems is the third largest defense contractor in the world with an exceptional, mission-focused culture. The 800 BAE Systems employees and sub-contractors located at Hill AF Base, UT are closely aligned to the US AF Nuclear Weapons Center. We support the Center in sustaining the existing LGM-30 Minuteman III (MMIII) weapon system and acquiring its replacement, the LGM-35A Sentinel. We are a uniquely-valued mission partner delivering daily technical excellence and innovative solutions to our government customers. BAE Systems has earned accolades as a “Top Workplace” in UT based on employee feedback for 3 consecutive years, earning special distinction for providing a healthy work-life balance for our valued employees. We work very hard to ensure this is a great place to work!

Why Utah? You’ve got to see it to believe it! UT is an amazing state with diverse geography, an eclectic culture and an exceptional quality of life. We're north of Salt Lake City (SLC) at the foot of the beautiful Wasatch Mountains. The area offers an incredible range of outdoors pursuits across the seasons including hiking, climbing, hunting, fishing, camping, boating and world-class skiing at resorts that hosted the 2002 Winter Olympics. The state is home to 5 amazing National Parks and an easy drive from two more; Grand Teton and, famously, the 1st National Park in the world, Yellowstone. The SLC area offers a vast array of cultural activities and businesses including multiple professional sports teams. It is a western states hub for exceptional, cutting-edge medical care with people traveling from across the region for a range of nationally renowned specialty care centers and doctors. The SLC International Airport is expanding and offers easy, direct access to just about anywhere you want to fly.

Why Sentinel? The Sentinel Program (formerly Ground Based Strategic Deterrent) is an enormous and complex “Mega-Project” modernizing the entire ICBM weapon system deployed across tens of thousands of square miles in five states. Without any doubt, Sentinel is one of the DoD’s most important acquisition efforts for the next decade, if not longer. It includes a complete refurbishment of hundreds of aging MMIII ICBM facilities to secure and support a newly designed, technologically advanced ballistic missile. It will also provide an entirely new command and control system as well as vast array of required support equipment specifically engineered to operate and sustain the new weapon system over the decades ahead. Sentinel is the Department of Defense’s newest official “program of record,” having just achieved Milestone B. It enjoys broad, strong support at the national level. It's a long-term project--the weapon system will deploy over a 9-year period beginning in approximately 2026, and remain operational until at least 2075. Sentinel is a career-defining program that will present unique and challenging opportunities that simply are not available with smaller projects.

Tell me about this job. The senior cyber systems engineer will support the AF ICBM weapon system and the Sentinel Program. These are long-term sustainment and acquisition programs which are anticipated to remain operational until 2075.

This position works with the Information System Security Manager (ISSM), System Program Managers (PM), Product Team Engineers, and Authorizing Official (AO) representatives providing system security engineering services and/or products to ensure the development of safe, secure, and effective cyber systems as part of the deployed ICBM weapon system. The cyber systems engineer will support the program office to ensure core security engineering principles are implemented into assigned programs information systems architecture. They will also support system design to enable the issuance and maintenance of multiple Authority to Operate (ATO) approvals for various ICBM weapon subsystems and supporting IT systems by adhering to the Risk Management Framework (RMF). This includes system categorization and control identification, implementation, and assessment. This position is responsible for cybersecurity efforts throughout the RMF for one or more assigned programs(s) to include the development of System Security Plans, resolution of Plans of Action and Milestones (POA&Ms), review of system audits, and monitoring of corrective actions. This position provides the opportunity to develop and hone communication, customer relationship, and leadership skills while working with a close-knit fun-loving team of other cybersecurity professionals.

The successful candidate will be energetic, self-motivated, and have the ability to adapt to a fast-paced environment with the desire to make a difference. Knowledge and experience working with the DoD’s Cybersecurity processes and the RMF is required.

The specific responsibilities of this position include, but are not limited to:

• Serves as cyber engineering technical advisor and consultant to the weapon system ISSM, AO, PM, product team engineers, and Information System Owner (ISO).

• Fulfills the Information System Security Engineer (ISSE) responsibilities defined in DoD Instructions 8500.01 and 8510.01, AFI17-101 RMF for the AF Information Technology (IT), and the “DoD Program Manager’s Guidebook for Integrating the Cybersecurity RMF into the System Acquisition Lifecycle”.

• Coordinate and negotiate with customers AOs and system development teams.

• Perform analysis and evaluation to design, implement, test and field secure systems, networks, and architectures.

• Support the Program Office to resolve conflicting system security engineering requirements.

• Conduct offensive architecture analysis, generate risk assessments, and design of defense-in-depth solutions.

• Lead the development of system security plans including, security concepts of operations (CONOPs), risk management matrix, security control traceability matrix, security test procedures, and plan of action and milestones.

• Analyze vulnerability assessments to validate system compliance with cyber requirements, RMF controls, and DISA Security Technical Information Guidelines (STIGS).

• Lead and coordinate security test event teams to achieve operational test and accreditation milestones.

• Verify and validate vulnerability resolutions and/or mitigations.

• Analyze static code scans and dynamic code scans to detect software vulnerabilities.

• Review all technical changes to determine security relevance.

• Develop program technical publications such as Systems Engineering Plans (SEP), Technical Plans, Analyses and Reports, Risk Assessments, CONOPs, Program Protection Plan, Anti-Tamper Plan, Cybersecurity Strategy, Technology Development Strategies, Test Plans, procedures, reports, System Security Plans and related documentation.

• Support proposal activities, developing innovative cyber solutions and developing accurate cost estimates.

• At least 6 years progressive responsibility in providing technical leadership.

• Previous experience as a systems engineer, ISSE/ISSM/ISSO using the RMF or experience as a systems architect/developer of operational systems.

• DoD 8570 IASAE level 2 compliance or higher certification required (example: CISSP, CISSP-ISSAP or CISSP-ISSEP) or ability to obtain such within 6 months of being hired.

• Other cyber certifications (CCSP, CEH, OSCP, etc.).

• Experience or knowledge of cybersecurity, networks, system components, system protocols, COTS technology, and software development (CI/CD pipelines).

• Experience developing external customer relationships and ability to communicate cybersecurity concepts and requirements with senior leaders.

• Effective organizational, time management, and communications skills (written and verbal).

• Able to work independently, demonstrate strong initiative, and organize daily tasks with minimal supervision.

• Strong communication skills (oral and written) commensurate with expected mid- to senior-level civilian and military participants from various U.S. Government agencies.

One or many of the below experiences, skills, and/or education.

• Knowledge and/or experience with government acquisition program and involved with System Security Engineering and or Program Protection methodologies and practices.

• Experience with Cyber Threat Intelligence review and analysis supporting program risks.

• Conducting Cyber threat table tops events with cyber red/blue team engagement on system penetration and mitigation tactics, techniques, and protocols (TTPs).

• IASAE level 2 certification (CISSP-ISSAP/ISSEP, CCSP).

• Software security analysis: DevSecOps pipeline development and execution.

• Hybrid cloud based architecture and security engineering (containerization and orchestration of security functions and services across on prem and cloud architectures).