**Job Description** BAE Systems is seeking an individual to fill the role of a **Cyber Systems Software Engineer (ISSO)** . The role ensures the security and compliance of software systems throughout the software development lifecycle within the DoD environment. The role focuses on Software Assurance, Information Assurance, Information Technology (IT), Systems Engineering, and compliance with DoD cybersecurity requirements, frameworks, and operational risk management. The ISSO will participate in technical design reviews and engineering lifecycle events to ensure security-by-design principles are implemented across all system components. Responsibilities include: + Software Assurance + Apply secure software development lifecycle (SSDLC) practices + Perform threat modeling, static/dynamic code analysis + Conduct code reviews using Fortify, SonarQube, Veracode, etc. + Manage CVE remediation in government codebases + Information Assurance & RMF Compliance + Develop and maintain RMF packages (SSP, SAP, SAR, POA&M, ConMon) + Support ATC/ATO authorization packages + Perform continuous monitoring of software systems + Ensure compliance with Zero Trust Architecture (ZTA) requirements + Software Compliance + Ensure adherence to DFARS 252.204-7012, NIST 800-171, and CMMC + Manage OSS licensing compliance, SBOM documentation (CycloneDX, SPDX) + Oversee secure deployment per DoDI 5000.90, DoDI 8500.01 + Mitigate software supply chain risks + Design Review & Systems Engineering Integration: + Participate in technical design reviews to ensure integration of cybersecurity requirements + Collaborate with Systems Engineering and IT teams during architecture planning and development phases + Review engineering artifacts for traceability, security controls, and compliance with software assurance principles + Evaluate system-level risks introduced during design and integration phases Pursuant to Government contract, this position requires US Citizenship status \#ASFS **Required Education, Experience, & Skills** + Bachelors degree in Computer Science, Cybersecurity, Information Assurance, or related field + Minimum 7 years in cybersecurity roles, 4 years in ISSO or Information Assurance + Secret Clearance + IAM Level II (Security ) + Experience with RMF, STIGs, NIST SP 800-series, DIACAP, or FedRAMP + Direct involvement in systems engineering or IT implementation projects in secure environments + Hands on experience with incident management and response + Experience with Network Operations Center **Preferred Education, Experience, & Skills** + IAM Level III Certification (DoD 8140/8570 compliant) + Technical Skillset + Secure programming in C, C , Java, Python, JavaScript + Code scanning and analysis tools: Fortify, SonarQube, Veracode + Vulnerability management: ACAS, Nessus, SCAP + RMF tools: Xacta, eMASS + SIEM: Splunk, ELK Stack + SBOM Tools: Syft, Anchore + Container security knowledge: Docker, Kubernetes + Experience with IT automation, CI/CD pipelines, DevSecOps + Competencies and Soft Skills + Agile / DevSecOps Methodologies + Experience with IL5/IL6 cloud-native solutions + Risk communication to AOs and technical leadership + Strong collaboration with IT and Systems Engineering teams + Excellent technical documentation and briefing skills **Pay Information** Full-Time Salary Range: $105254 - $178931 Please note: This range is based on our market pay structures. However, individual salaries are determined by a variety of factors including, but not limited to: business considerations, local market conditions, and internal equity, as well as candidate qualifications, such as skills, education, and experience. Employee Benefits: At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being. Regular employees scheduled to work 20 hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and accident insurance. We also have an employee assistance program, a legal plan, and other perks including discounts on things like home, auto, and pet insurance. Our leave programs include paid time off, paid holidays, as well as other types of leave, including paid parental, military, bereavement, and any applicable federal and state sick leave. Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards. Other incentives may be available based on position level and/or job specifics. **Cyber Systems Software Engineer (ISSO)** **115334BR** EEO Career Site Equal Opportunity Employer. Minorities . females . veterans . individuals with disabilities . sexual orientation . gender identity . gender expression