BAE Systems Intelligence & Security is hiring a Cyber Analyst Senior Principal

Role Overview

As a Senior Principal Cyber Analyst, you will lead the evaluation and validation of cybersecurity designs and artifacts across enterprise IT systems. Your work will directly support organization-wide compliance by ensuring solutions meet rigorous security standards and policies. You will assess risks, improve control effectiveness, and help shape sustainable compliance practices across the enterprise.

Key Responsibilities

• Lead technical reviews of cybersecurity designs and implementation artifacts to support enterprise compliance initiatives.
• Evaluate proposed solutions for IT deficiencies and validate final deliverables within Plan of Action and Milestones (POAMs) and Return-to-Green (RTGs) documentation.
• Review and assess compliance with enterprise cybersecurity standards, policies, and control frameworks across proposed and implemented solutions.
• Examine exception requests related to IT security policies, including access to blocked sites and removable media usage.
• Assess internet-facing services, Certification and Accreditation (C&A) packages, and Cloud Service Provider (CSP) onboarding requests.
• Develop standardized workflows, automation strategies, reusable templates, and inheritable security services to promote consistent compliance.
• Identify gaps in IT control design and operational effectiveness, highlighting areas of risk exposure.
• Support compliance awareness initiatives and recommend improvements to control processes that reduce burden without increasing risk.
• Translate complex technical findings into clear, actionable insights for diverse stakeholders.
• Advise on remediation strategies for identified security and control weaknesses.
• Stay current with evolving cybersecurity trends and adapt best practices to the enterprise environment.

Required Qualifications

• Bachelor's degree and at least 8 years of professional experience in information security, IT audit, or related cybersecurity roles.
• Minimum of 8 years focused on cybersecurity standards, architecture, and control frameworks.
• Proven experience in IT auditing with strong knowledge of information security standards and audit methodologies.
• Ability to resolve complex cybersecurity and IT issues through structured exception management.
• Strong analytical skills with the capacity to turn technical data into practical recommendations.
• Deep understanding of cybersecurity standards, cloud security principles, and risk mitigation strategies.
• Experience driving continuous improvement in governance, risk, and compliance (GRC) processes.
• Comprehensive knowledge of IT operations, including network infrastructure (WAN/MAN/LAN), Active Directory, backup systems, data centers, operating systems, virtualization, SDLC, and change management.
• Familiarity with enterprise applications such as SAP, Oracle, PeopleSoft, and Costpoint.
• Five years of experience managing audit projects.
• Data analysis skills to inform decision-making and drive recommendations.
• Knowledge of industry standards including ISO27001, ISO 20000, NIST 800-53, and NIST 800-171.

Preferred Qualifications

• Certified Information Systems Auditor (CISA).
• Certified Information Systems Security Professional (CISSP).
• Certified Information Security Manager (CISM).
• Certificate of Cloud Security Knowledge (CCSK).
• Experience with cloud security platforms, particularly AWS.
• Background in cybersecurity threat intelligence and incident response operations.