Compliance Spec Sr Prin - Remote Opening

Job Description
BAE Systems, Inc. is looking to hire an experienced Compliance Spec Sr Prin with IT audit qualifications to join our newly established Compliant Operations team within a centralized Governance and Compliance team under Enterprise Shared Services (ESS) IT Delivery Organization. The role will create and operationalize a risk focused continuous monitoring IT compliance program. The successful candidate will collaborate with system owners, internal auditors and other compliance professionals to implement an efficient control owner self assessment program. The role is a key individual whose responsibilities directly contribute to maintaining a strong, compliant cyber security posture within BAE Systems Inc.
Position Responsibilities include, but not limited to:

• Create Control Owner Self Assessment (COSA) program for IT controls, including scheduling, tooling, reporting and test steps.
• Evaluate system owner self assessment responses and provide guidance where required.
• Create Continuous monitoring approach using standard process for systems under various teams.
• Evaluate operational effectiveness of IT controls and determine exposure to risk.
• Create requirements and improvements for the COSA tool focused on ease of use for end users and reporting.
• Conduct analysis of deficiency trends and react through continuous monitoring program enhancements.
• Communicate complex technical issues in simplified terms to the relevant teams and stakeholders.
• Assist with providing guidance to remediate identified security and control risks.
• Identify and address issues to prevent them from recurring.
• Create measurements and reporting for IT system owners, audit professionals and senior leadership on the status, trends and risks. Gather data and analyze it to identify areas for improvement.
• Continually looking for improvement opportunities by optimizing workflows, automations, templates, inheritable cyber services, and execution of value streams that enable sustainable compliance across the enterprise.
• Monitor and measure KPIs and processes to ensure program achieving planned results.
• Partners and collaborates with other compliance organizations within the company including Sector Assurance, OCSO, OCISO, Compliance, etc.
• Evaluate the latest industry trends in cyber security and bring those into the enterprise as applicable.
• Effectively manage system owner relationships.

Required Education, Experience, & Skills

• At least 5 years of experience in information technology auditing, combined audit/IT audit, or relevant information security or information technology roles.
• Strong attention to detail with an analytical mind on IT processes and outstanding problem-solving skills.
• Experience with continuous process improvement, innovative governance, risk and compliance solutions.
• Solid understanding of information security frameworks and IT audit methodologies.
• 5 years of audit project management experience.
• Data Analysis experience.
• Excellent verbal and written communication skills; interpersonal and presentation skills
• Proven management and organizational skills
• Ability to train, develop, and motivate team members.
• Demonstrated leadership in professional setting.
• Demonstrated teamwork and collaboration in a professional setting.
• Understanding of industry standards including ISO27001, ISO 20K, NIST 800-53, 800-171

Preferred Education, Experience, & Skills

• Certified Information Systems Auditor (CISA)
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certificate of Cloud Security Knowledge (CCSK)

Pay Information
Full-Time Salary Range: $92520 - $157320
Please note: This range is based on our market pay structures. However, individual salaries are determined by a variety of factors including, but not limited to: business considerations, local market conditions, and internal equity, as well as candidate qualifications, such as skills, education, and experience.
Employee Benefits: At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being. Regular employees scheduled to work 20+ hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and accident insurance. We also have an employee assistance program, a legal plan, and other perks including discounts on things like home, auto, and pet insurance. Our leave programs include paid time off, paid holidays, as well as other types of leave, including paid parental, military, bereavement, and any applicable federal and state sick leave. Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards. Other incentives may be available based on position level and/or job specifics.
About BAE Systems, Inc.
BAE Systems, Inc. is the U.S. subsidiary of BAE Systems plc, an international defense, aerospace and security company which delivers a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. Improving the future and protecting lives is an ambitious mission, but it's what we do at BAE Systems. Working here means using your passion and ingenuity where it counts - defending national security with breakthrough technology, superior products, and intelligence solutions. As you develop the latest technology and defend national security, you will continually hone your skills on a team-making a big impact on a global scale. At BAE Systems, you'll find a rewarding career that truly makes a difference.
Our Commitment to Diversity, Equity, and Inclusion:
At BAE Systems, we work hard every day to nurture an inclusive culture where employees are valued and feel like they belong. We are conscious of the need for all employees to see themselves reflected at every level of the company and know that in order to unlock the full potential of our workforce, everyone must feel confident being their best, most sincere self and be equipped to thrive. We provide impactful professional development experiences to our employees and invest in social impact partnerships to uplift communities and drive purposeful change. Here you will find significant opportunities to do meaningful work in an environment intentionally designed to be one where you will learn, grow and belong.