Cybersecurity Analyst Senior Principal

Cybersecurity Analyst Senior Principal at Lensa

Lensa promotes job openings on behalf of its direct clients and partners. This specific role is for BAE Systems USA, where a Cybersecurity Analyst Senior Principal will play a pivotal role in driving internal cyber security reviews to support corporate-wide compliance initiatives. This opportunity is part of BAE Systems USA's Compliant Operations team.

In this role, you will provide critical expertise in cybersecurity standards, cloud security, and risk mitigation, ensuring sustainable compliance across the organization. Your daily tasks will involve evaluating and validating compliant solutions, assessing and mitigating risks, and driving improvements in control management to protect systems and data. Joining this team offers a rewarding job that challenges you to make a tangible impact on the cyber security posture of BAE Systems USA.

Position Responsibilities Include, But Not Limited To

• Lead internal cybersecurity IT design and artifact reviews to support corporate-wide Cyber Security compliance initiatives.
• Evaluate proposed solutions for IT deficiencies, verify, and validate final solution artifacts included in Sector information system/environment Plan of Action and Milestones (POAMs) and Return-to-Green (RTGs).
• Conduct reviews, evaluations, and provide input on proposed solutions and final artifacts to ensure adherence to key control domains based on BAE Systems Cyber Security Standards, policies, and directives at an enterprise level.
• Evaluate Exception requests to Policy/Standard IT Security (e.g., Blocked Sites, DVD, USB).
• Evaluate Internet-exposed Services/Certification & Accreditation (C&A) and Cloud Service Providers (CSP) requests.
• Help define common workflows, automations, templates, inheritable cyber services, and execution of value streams that enable sustainable compliance across the enterprise.
• Assess the design and operational effectiveness of IT controls and identify exposure to risk.
• Facilitate compliance reviews to increase awareness and knowledge of compliance requirements and identify opportunities to streamline or improve the control environment without increasing overall risk.
• Communicate complex technical issues in simplified terms to relevant teams and stakeholders.
• Provide guidance to remediate identified security and control risks.
• Stay up to date with the latest industry trends in cybersecurity and apply them to the enterprise as applicable.

Required Education, Experience, & Skills

• Bachelor's Degree and 8 years work experience.
• At least 8 years of experience in information technology auditing, combined audit/IT audit, or relevant information security or information technology roles, with a focus on cyber security standards, architecture requirements, and cybersecurity standards.
• Well-rounded IT audit experience with a strong understanding of information security frameworks and IT audit methodologies.
• Exception handling skills to manage and resolve complex IT and cybersecurity issues.
• Ability to synthesize complex information into actionable insights.
• Strong attention to detail with an analytical mind on IT processes and outstanding problem-solving skills.
• Expertise in cybersecurity standards, cloud security, and risk mitigation.
• Experience with continuous process improvement, innovative governance, risk and compliance solutions.
• Solid understanding of information security frameworks and IT audit methodologies.
• Proficient with a broad knowledge of IT operations and technologies such as Network Infrastructure technologies (WAN/MAN/LAN), Cybersecurity, Active Directory, Backup & Recovery, Data Center, Operating Systems, Virtualization Services, SDLC and Change Management.
• IT application experience (SAP, Oracle, PeopleSoft and Costpoint).
• 5 years of audit project management experience.
• Data Analysis experience, with the ability to apply analytical skills to drive insights and recommendations.
• Understanding of industry standards including ISO27001, ISO 20K, NIST 800-53, 800-171.

Preferred Education, Experience, & Skills

• Certified Information Systems Auditor (CISA).
• Certified Information Systems Security Professional (CISSP).
• Certified Information Security Manager (CISM).
• Certificate of Cloud Security Knowledge (CCSK).
• Experience with cloud security platforms, such as AWS.
• Experience with cybersecurity threat intelligence and incident response.

Pay Information

The full-time salary range for this position is $108,787 - $184,937. Individual salaries are determined by various factors including business considerations, local market conditions, internal equity, and candidate qualifications.

Employee Benefits

BAE Systems supports its employees with comprehensive benefits for regular employees working 20 hours or more per week. These include health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and accident insurance. Additional perks include an employee assistance program, legal plan, discounts, paid time off, paid holidays, and various other leave programs.

Key skills/competency

• Cybersecurity Standards
• Cloud Security
• Risk Mitigation
• IT Audit
• Compliance Management
• Information Security Frameworks
• Data Analysis
• NIST 800-53
• Continuous Process Improvement
• Network Infrastructure