We are seeking a Senior Security Analyst for its Camden, Arkansas facility. The Senior Security Analyst, under limited direction, determines approaches to objectives demonstrating a complete understanding and application of principles, concepts, and practices.

TYPICAL RESPONSIBILITIES

This Security classification assumes the responsibilities associated with the role of Information Systems Security Manager (ISSM). These positions oversee the development, implementation, evaluation, and certification and accreditation of classified information systems. and interface with management and maintain liaison with US Government information assurance oversight agencies and prime/subcontractors; interpret government and company policy to ensure compliance with Cognizant Security Agency (CSA) requirements for classified information systems and/or networks of varying complexity; provide information security guidance and direction to program and engineering management and end users which may include making recommendations on process tailoring; and establish and maintain required training and information security compliance deliverables. These positions are responsible for publicizing and submitting government Risk Management Framework (RMF) compliant, clear and effective written plans, procedures, and instructions; and sustaining compliance with all aspects of government approved plans throughout system and program life cycles. In order to establish and maintain strict program control, process support, analysis support, coordination support, security certification test support, security documentation support, investigations, software research, hardware introduction and release, emerging technology research inspections and periodic audits may be required. May assist security management with the preparation of facility accreditation packages and site specific security plans; including but not limited to physical security requirements. May assist security management in the maintenance and accountability of electronic communication equipment and additional document control.

This current opening may be filled at this level as posted or at one level higher.

L3Harris Technologies is the Trusted Disruptor for the global aerospace and defense industry. With customers' mission-critical needs always in mind, our more than 50,000 employees deliver end-to-end technology solutions connecting the space, air, land, sea and cyber domains.

Our growing Camden, AR site has the newest, state-of-the-art large solid rocket motor facility in the nation to produce rocket motors that support our nation's most important next generation national security programs, like the Sentinel (Ground Based Strategic Deterrent), hypersonics and missile defense targets. Camden is also where we produce solid rocket motors and warheads critical to the nation's defense, like THAAD, Standard Missile, Tactical Tomahawk, Javelin and the Patriot Missile System. Check out this short YouTube video featuring our Camden site: Successful test of Aerojet Rocketdyne's eSR-73 advanced large solid rocket motor

You're not just "doing a job" at Aerojet Rocketdyne, an L3Harris Technologies Company. The work you perform makes significant contributions to national security and space exploration.

Inspiring Company Culture - Our people support each other and work together to leave an indelible impact on our nation's aerospace and defense legacy. Read more about our culture: Careers | L3Harris
• Paid Time Off- Accrue 3 weeks of vacation to start plus separate sick allowance. 4/10 schedule providing longer weekends. Plus 90 hours of paid holidays on average throughout the year.
• Comprehensive Health Benefits - Medical, Dental, Vision, Health Savings Accounts, and Wellness programs. Want to know more? Check out: Benefits | L3Harris
• Prepare for the Future - 401(k) with company match
• Professional Development - Tuition assistance, free professional development training through Rocket University and Energetics University, employee recognition, and leadership development programs
• Employee Resource Groups - Local and Enterprise employee-led volunteer groups to create community, awareness, impact, and to support a culture where everyone belongs

100% - Responsibilities of the ISSM include, but are not limited to:

• Developing, maintaining, and overseeing the system security program and policies for their assigned facility or area of responsibility
• Ensuring compliance with current government security policies, concepts, and measures when working with stakeholders to design and develop new systems
• Developing and implementing an effective system security education, training, and awareness program
• Maintaining a working knowledge of system functions, security policies, technical security safeguards, and operational security measures
• Identifying and mitigating system vulnerabilities based on risk and impact
• Developing, maintaining, and updating Plans of Actions, and Milestones (POA&M) in order to identify system weaknesses, mitigation, and timelines for applying corrective actions.
• Certifying to government Authorizing Officials (AOs) that the requirements and procedures listed within the security plan are in accordance with contractually imposed regulations (NISPOM, NIST SP 800-53, DAAPM, JSIG, etc.)
• Ensuring systems are operated and maintained in accordance with the Security Plan and government issued Authorization to Operate (ATO)
• Ensuring audit records are collected and analyzed
• Obtaining and maintaining NISP Enterprise Mission Assurance Support Service (eMASS), and/or applicable government system access, in order to effectively manage all security authorizations for systems under their purview
• Managing, maintaining, and executing the continuous monitoring strategy
• Conducting periodic assessments of systems and ensuing corrective actions are taken for all vulnerabilities and findings

A Bachelor's degree in an appropriate discipline and six (6) years of directly related experience, or equivalent combination of education and experience.

May be required to obtain and maintain a U.S. Security Clearance at the appropriate level. Requires U.S. Citizenship. Must also be able to satisfy federal government requirements for access to government information, and having dual citizenship may preclude you from being able to meet this requirement.

*DOD 8570.1 Certified (Level II or higher); Security+ or Certified Information Systems Security Professional (CISSP) or other applicable 8570.1 certifications required

Under limited direction, the ISSM is responsible for ensuring the appropriate operational security posture is maintained for an information system (IS) and as such, works in close collaboration with a range of stakeholders including Information System Owners (ISOs), Information System SecurityOfficers (ISSO), Information Technology (IT) subject matter experts, various levels of management, and Engineering end-users.

The ISSM shall have the detailed knowledge and expertise required to manage the security aspects of a compliant classified computing environment at their assigned Aerojet Rocketdyne facility

Responsibilities also include physical and environmental protection, personnel security, incident handling, and security training and awareness. In close coordination with the Facility Security Officer (FSO) the ISSM plays a critical role in overall NISPOM (or other Cognizant Security Agency) compliance. Monitoring systems of varying complexity and their environments of operation, managing and controlling changes, and assessing the security impact of changes to further advice stakeholders.

Required Competencies

Knowledge of:

• And experience with classified processing environments of varying complexity
• Government compliance, regulations, and standards (NISPOM, DAAPM, RMF, JSIG, NIST 800-53)
• Applicable regulations, practices and requirements of the government, customer, and the Company
• Security requirements, clearances, and procedures
• Applicable network, systems, hardware and software programs
• Various communication protocols
• Good decision-making and analytical skills

Ability to:

• Organize and prioritize effectively to satisfy government deliverables including closure of Plans of Actions and Milestones (POA&Ms)
• Communicate effectively, orally and in writing within team environments, with all levels of management, individual contributors, and government and prime representatives - Security Controls Assessors (SCAs) and Authorizing Officials (AOs)
• Analyze complex information security problems and provide focused solutions to accomplish program objectives
• Produce clear written documentation and presentations for technical and non-technical audiences
• Speak persuasively and confidently to diverse audiences
• Demonstrate flexible and efficient time management and prioritize workload
• Interpret and apply company and government policies and procedures
• Establish and maintain cooperative working relationships with those contacted in the course of work
• Work with application and solution architects, network, database, administrators, and other subject matter experts to develop and deliver compliant results
• Travel (local and continental US) up to 10% of the time

Additional Requirements:

• Current SECRET (or higher) DoD Security Clearance.
• Current DoD 8570 Level II or higher Baseline Certification (Security+ CE, CAP, GSLC, CASP CE, CISA, CISM, or CISSP).
• Experience with Microsoft Windows and/or Linux system administration (2+ years).
• Familiarity with security configuration control and change management (SCCM).
• Experience with networking concepts (switches, network security, TACLANE).
• Experience with security concepts (Data Loss Prevention, Active Directory, and Security Log Analysis).
• Undergraduate degree in Information Technology or Cyber Security, but candidate with proven experience will not be excluded from consideration.
• Active and continuous learner - either higher education or Continuing Professional Education.

PHYSICAL REQUIREMENTS AND WORK ENVIRONMENT

Employees in these positions must possess mobility to work in a standard office setting and to use standard office equipment, including a computer; stamina to sit or stand and maintain attention to detail despite interruptions; may occasionally lift/carry/push/pull up to 25 pounds; may require occasional walking, climbing, stooping, crouching, and/or bending; and vision to read printed materials and a computer screen, and hearing and speech to communicate in person and over the telephone. Will require the ability to travel by air or auto. May require the use of personal protective equipment such as safety glasses, safety shoes, and shop coats. These positions may be expected to work varying shifts and hours to ensure successful operation of activities in the organization.