Northrop Grumman
Assoc/Cyber Security Engineer (TS) Space Systems (Dulles)
Northrop Grumman, Richmond, Virginia, United States,
Requisition ID: R10174713
Category:
Information Technology
Location:
Dulles, Virginia, United States of America
Clearance Type:
Top Secret
Telecommute:
No- Teleworking not available for this position
Shift:
Days (United States of America)
Travel Required:
Yes, 10% of the Time
Positions Available:
1
This early career Cyber/Systems Security Engineering position performs System Security Engineering (SSE) tasks on Space Programs, with responsibilities across all system segments - Space Segment, Communications Segment, Ground Segment, and in some cases User Segment. This position requires Top Secret clearance and a cybersecurity certification.
Duties of the position are working as part of an integrated product team (IPT) to support the following activities:
Initial tasking will be focused on internal development, test labs, and other off-network enclaves. These enclaves are maintained in conformance with NIST 800-171 and CMMC security control standards. Applicants must demonstrate the aptitude to secure very complex systems with conflicting design requirements.
The major segments of Space Systems include satellite systems, communications links, and ground command & control (C2) systems.
Design, engineer, implement, test, and deliver space solutions that satisfy cybersecurity criteria including NIST 800-37 Risk Management Framework (RMF) and its associated controls catalog NIST 800-53. Alternatively, the governance schema may be community specific variations such as ICD-503 or JSIG.
Design and evaluate system design robustness against additional criteria to demonstrate CyberResilience and/or CyberSurvivability.
Allocating system-level requirements (commonly expressed as security controls), which includes working as part of the systems engineering team to decompose system-level security requirements across relevant Segments, Subsystems and down to specific Components.
This allocation process includes requirements associated with secure program protection requirements across Systems Security Engineering specialty areas, or the following disciplines: Software Security Assurance, TEMPEST, RED/BLACK Separation, COMSEC, TRANSEC, Key Management, Anti-Tamper, and cryptographic component integration/development. (There is limited exposure to these techniques in our internal, unclassified engineering labs.)
Performing Attack Surface Analysis (ASA) and preparing Systems Security Plan (SSP) documentation for enclaves/environments that support development, integration & test of complex space systems, including Risk Assessment Reports (RAR), Security Control Traceability Matrices (SCTM), and Security Assessment Plans/Reports. Technical writing skills and attention to detail are essential skills.
Contributing to systems development activities, specifically hardening systems to meet secure baseline requirements, such as DISA STIGs or CIS Benchmarks, for Commercial, Off-The-Shelf (COTS) technologies. And/or supporting, cognizant engineers in the hardening of custom-built hardware/software.
Contributing to the secure development of custom hardware and software through the establishment and promulgation of secure coding best practices, performing static and dynamic analysis, fuzz testing, code reviews, and analytical methods.
Preparing and Executing assessment procedures to verify conformance with Commercial, Federal Civilian agency, Department of Defense (DoD), Intelligence Community, IA/Cyber security controls, and or survivability requirements, as required based on the specified customer/system requirements and risk threshold.
Performing systems engineering, integration, and test activities for security-critical components, such as firewalls, anti-virus, HIDS/NIDS/HIPS, Cross Domain Solutions, cryptographic devices, and controlled interfaces.
Conducting secure system maintenance activities as a privileged user, specifically but not limited to performing, routine audit log reviews, scanning for vulnerabilities, and confirming patches applied to COTS software.
There are very limited opportunities for penetration testing and this position should not be considered a career path for that focus area.
This position can be filled as a level 1 or 2.
Basic Qualifications:
Associate Engineer
Bachelor’s Degree in any STEM discipline, experience can be considered in lieu of degree
IT security experience, in any federally regulated industry performing:
Implementing the Risk Management Framework (RMF) NIST 800-37 with NIST 800-53 controls, or NIST 800-171 for unclassified, corporate environments
Securing complex systems composed of COTS HW/SW
Any DoD 8570 IT Security certification, such as Security+
US Citizenship with an active Top Secret Clearance at time of application
Engineer
Bachelor’s Degree in any STEM discipline with 2 years of experience (Or Masters, or a PhD) Experience can be considered in lieu of degree
2 years IT security experience, in any federally regulated industry performing:
Implementing the Risk Management Framework (RMF) NIST 800-37 with NIST 800-53 controls, or NIST 800-171 for unclassified, corporate environments
Securing complex systems composed of COTS HW/SW
Any DoD 8570 IT Security certification, such as Security+
US Citizenship with an active Top Secret Clearance at time of application
Preferred Qualifications:
Bachelors Degree in Electrical Engineering, Computer Science, or Aerospace Engineering
2 years Cyber Systems Engineering experience in the Defense Aerospace Industry performing:
Security requirements analysis and decomposition
Hardening systems composed of both COTS and Custom HW/SW
Exposure to national security requirements for classified systems.
Associate CISSP Certification
Demonstrated knowledge of Systems Engineering processes, applying security to embedded systems, engineering review milestones and SDLC.
Northrop Grumman offers a competitive and robust benefits program.
As a full-time employee of Northrop Grumman, you are eligible for our robust benefits package including:
Medical
Dental & Vision coverage
401k
Educational Assistance
Life Insurance
Employee Assistance Programs & Work/Life Solutions
Paid Time Off
Health & Wellness Resources
Employee Discounts
Flexible Schedules (For example the ability to work a 9/80 work schedule, which allows an employee to work a nine-hour day Monday through Thursday and take every other Friday off of work)
For more details please visit our total rewards site or chat with one of our recruiters to learn more.
Salary Range:
$72,100 - $108,100Salary Range 2:
$87,200 - $130,800The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.Employees may be eligible for a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.
Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit. U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.
#J-18808-Ljbffr
Category:
Information Technology
Location:
Dulles, Virginia, United States of America
Clearance Type:
Top Secret
Telecommute:
No- Teleworking not available for this position
Shift:
Days (United States of America)
Travel Required:
Yes, 10% of the Time
Positions Available:
1
This early career Cyber/Systems Security Engineering position performs System Security Engineering (SSE) tasks on Space Programs, with responsibilities across all system segments - Space Segment, Communications Segment, Ground Segment, and in some cases User Segment. This position requires Top Secret clearance and a cybersecurity certification.
Duties of the position are working as part of an integrated product team (IPT) to support the following activities:
Initial tasking will be focused on internal development, test labs, and other off-network enclaves. These enclaves are maintained in conformance with NIST 800-171 and CMMC security control standards. Applicants must demonstrate the aptitude to secure very complex systems with conflicting design requirements.
The major segments of Space Systems include satellite systems, communications links, and ground command & control (C2) systems.
Design, engineer, implement, test, and deliver space solutions that satisfy cybersecurity criteria including NIST 800-37 Risk Management Framework (RMF) and its associated controls catalog NIST 800-53. Alternatively, the governance schema may be community specific variations such as ICD-503 or JSIG.
Design and evaluate system design robustness against additional criteria to demonstrate CyberResilience and/or CyberSurvivability.
Allocating system-level requirements (commonly expressed as security controls), which includes working as part of the systems engineering team to decompose system-level security requirements across relevant Segments, Subsystems and down to specific Components.
This allocation process includes requirements associated with secure program protection requirements across Systems Security Engineering specialty areas, or the following disciplines: Software Security Assurance, TEMPEST, RED/BLACK Separation, COMSEC, TRANSEC, Key Management, Anti-Tamper, and cryptographic component integration/development. (There is limited exposure to these techniques in our internal, unclassified engineering labs.)
Performing Attack Surface Analysis (ASA) and preparing Systems Security Plan (SSP) documentation for enclaves/environments that support development, integration & test of complex space systems, including Risk Assessment Reports (RAR), Security Control Traceability Matrices (SCTM), and Security Assessment Plans/Reports. Technical writing skills and attention to detail are essential skills.
Contributing to systems development activities, specifically hardening systems to meet secure baseline requirements, such as DISA STIGs or CIS Benchmarks, for Commercial, Off-The-Shelf (COTS) technologies. And/or supporting, cognizant engineers in the hardening of custom-built hardware/software.
Contributing to the secure development of custom hardware and software through the establishment and promulgation of secure coding best practices, performing static and dynamic analysis, fuzz testing, code reviews, and analytical methods.
Preparing and Executing assessment procedures to verify conformance with Commercial, Federal Civilian agency, Department of Defense (DoD), Intelligence Community, IA/Cyber security controls, and or survivability requirements, as required based on the specified customer/system requirements and risk threshold.
Performing systems engineering, integration, and test activities for security-critical components, such as firewalls, anti-virus, HIDS/NIDS/HIPS, Cross Domain Solutions, cryptographic devices, and controlled interfaces.
Conducting secure system maintenance activities as a privileged user, specifically but not limited to performing, routine audit log reviews, scanning for vulnerabilities, and confirming patches applied to COTS software.
There are very limited opportunities for penetration testing and this position should not be considered a career path for that focus area.
This position can be filled as a level 1 or 2.
Basic Qualifications:
Associate Engineer
Bachelor’s Degree in any STEM discipline, experience can be considered in lieu of degree
IT security experience, in any federally regulated industry performing:
Implementing the Risk Management Framework (RMF) NIST 800-37 with NIST 800-53 controls, or NIST 800-171 for unclassified, corporate environments
Securing complex systems composed of COTS HW/SW
Any DoD 8570 IT Security certification, such as Security+
US Citizenship with an active Top Secret Clearance at time of application
Engineer
Bachelor’s Degree in any STEM discipline with 2 years of experience (Or Masters, or a PhD) Experience can be considered in lieu of degree
2 years IT security experience, in any federally regulated industry performing:
Implementing the Risk Management Framework (RMF) NIST 800-37 with NIST 800-53 controls, or NIST 800-171 for unclassified, corporate environments
Securing complex systems composed of COTS HW/SW
Any DoD 8570 IT Security certification, such as Security+
US Citizenship with an active Top Secret Clearance at time of application
Preferred Qualifications:
Bachelors Degree in Electrical Engineering, Computer Science, or Aerospace Engineering
2 years Cyber Systems Engineering experience in the Defense Aerospace Industry performing:
Security requirements analysis and decomposition
Hardening systems composed of both COTS and Custom HW/SW
Exposure to national security requirements for classified systems.
Associate CISSP Certification
Demonstrated knowledge of Systems Engineering processes, applying security to embedded systems, engineering review milestones and SDLC.
Northrop Grumman offers a competitive and robust benefits program.
As a full-time employee of Northrop Grumman, you are eligible for our robust benefits package including:
Medical
Dental & Vision coverage
401k
Educational Assistance
Life Insurance
Employee Assistance Programs & Work/Life Solutions
Paid Time Off
Health & Wellness Resources
Employee Discounts
Flexible Schedules (For example the ability to work a 9/80 work schedule, which allows an employee to work a nine-hour day Monday through Thursday and take every other Friday off of work)
For more details please visit our total rewards site or chat with one of our recruiters to learn more.
Salary Range:
$72,100 - $108,100Salary Range 2:
$87,200 - $130,800The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.Employees may be eligible for a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.
Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit. U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.
#J-18808-Ljbffr