Northrop Grumman
Cyber Systems Engineer – Cyber A&A Engineer (24-430)
Northrop Grumman, Colorado Springs, Colorado, United States, 80509
Requisition ID: R10176007Category:
Information TechnologyLocation:
Colorado Springs, Colorado, United States of AmericaClearance Type:
SecretTelecommute:
No - Teleworking not available for this positionShift:
Days (United States of America)Travel Required:
Yes, 10% of the TimePositions Available:
1At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history. We look for people who have bold new ideas, courage, and a pioneering spirit to join forces to invent the future.Position Overview:
The successful candidate will be expected to communicate and work closely with C2BMC Operational ISSOs in direct support of the Operational eMASS packages managed by the A&A team. Additionally, a qualified candidate must work closely with System owners, Cyber peers, Program Office technical/management staff, and other C2BMC Functional Areas to ensure the C2BMC fielded system attains and maintains appropriate Authorization for Connection, Test, and Operational purposes. The selected candidate is expected to assist with Cyber Products analysis, Vulnerability mitigation, and POA&M Management to assist the team in the successful delivery of eMASS Packages, Ports Protocols, and Services (PPS) in accordance with contract schedules.The primary focus for the qualified candidate will be to rotate and blend technical documentation, surge support for authorization packages in eMASS, assess vulnerabilities, engineer responses for system POA&Ms, provide proposal support, and conduct risk analysis for Risk Acceptance Requests (RARs).Basic Qualifications:An active Secret clearance is required to start.Bachelor’s Degree in a STEM (Science, Technology, Engineering or Mathematics) discipline preferred from an accredited university and 2 years of related experience, or a Master’s degree and 0 years of experience, or a PhD and 0 years of experience, or 6 years of related experience in lieu of a degree may be considered.DoD 8140 certification at IAT Level II or higher (Security+, GSEC, SCNP, SSCP, CISSP, CISA, GSE, SCNA) is required to start.Requires security engineering skills with a working knowledge of Information Assurance (IA) technology, NIST standards, DoDI 8500.2, and Risk Management Framework (RMF) Security Controls.Must have experience in the Agile Development Lifecycle, including:Generating requirementsDesigning architectureConfiguring Cyber audit toolsConducting verificationPerforming Cyber vulnerability and configuration activitiesLeadership experience, effective interpersonal skills, and a demonstrated ability to support complex organizational relationships are required.Excellent technical document preparation and verbal communication skills are required to present technical Cyber issues and reports to the Government, Program Management, and other C2BMC Functional Areas.Strong working knowledge of Cyber capabilities, such as:Patch managementMulti-factor authenticationHost-based securityIntrusion detectionSecurity event managementActive/passive system scanningDefense-in-depthRecent experience and familiarity with creating/updating Assessment and Authorization (A&A) packages for RMF Authority to Operate (ATOs) is required.Preferred Qualifications:Application experience hardening Windows and Linux servers and workstations in accordance with GPOs, IAVMs, and STIGs is desired.Network design and software engineering backgrounds are a plus.Recent hands-on experience with Agile execution, tools, and methodologies is highly preferred.Highly desired experience with using Scripting Languages such as Python and PowerShell to solve complex data analysis problems along with in-depth cyber vulnerability analysis.Highly desired familiarity with vulnerability scanning and analysis tools such as:ACAS (Tenable.sc / Nessus Vulnerability scanner)Evaluate-STIGSTIG ManagerTrivyWhat We Can Offer You:
Northrop Grumman provides a comprehensive benefits package and a work environment that encourages your growth and supports the mutual success of our people and our company.Salary Range:
$87,200 - $130,800. The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills, and current market conditions.U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.
#J-18808-Ljbffr
Information TechnologyLocation:
Colorado Springs, Colorado, United States of AmericaClearance Type:
SecretTelecommute:
No - Teleworking not available for this positionShift:
Days (United States of America)Travel Required:
Yes, 10% of the TimePositions Available:
1At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history. We look for people who have bold new ideas, courage, and a pioneering spirit to join forces to invent the future.Position Overview:
The successful candidate will be expected to communicate and work closely with C2BMC Operational ISSOs in direct support of the Operational eMASS packages managed by the A&A team. Additionally, a qualified candidate must work closely with System owners, Cyber peers, Program Office technical/management staff, and other C2BMC Functional Areas to ensure the C2BMC fielded system attains and maintains appropriate Authorization for Connection, Test, and Operational purposes. The selected candidate is expected to assist with Cyber Products analysis, Vulnerability mitigation, and POA&M Management to assist the team in the successful delivery of eMASS Packages, Ports Protocols, and Services (PPS) in accordance with contract schedules.The primary focus for the qualified candidate will be to rotate and blend technical documentation, surge support for authorization packages in eMASS, assess vulnerabilities, engineer responses for system POA&Ms, provide proposal support, and conduct risk analysis for Risk Acceptance Requests (RARs).Basic Qualifications:An active Secret clearance is required to start.Bachelor’s Degree in a STEM (Science, Technology, Engineering or Mathematics) discipline preferred from an accredited university and 2 years of related experience, or a Master’s degree and 0 years of experience, or a PhD and 0 years of experience, or 6 years of related experience in lieu of a degree may be considered.DoD 8140 certification at IAT Level II or higher (Security+, GSEC, SCNP, SSCP, CISSP, CISA, GSE, SCNA) is required to start.Requires security engineering skills with a working knowledge of Information Assurance (IA) technology, NIST standards, DoDI 8500.2, and Risk Management Framework (RMF) Security Controls.Must have experience in the Agile Development Lifecycle, including:Generating requirementsDesigning architectureConfiguring Cyber audit toolsConducting verificationPerforming Cyber vulnerability and configuration activitiesLeadership experience, effective interpersonal skills, and a demonstrated ability to support complex organizational relationships are required.Excellent technical document preparation and verbal communication skills are required to present technical Cyber issues and reports to the Government, Program Management, and other C2BMC Functional Areas.Strong working knowledge of Cyber capabilities, such as:Patch managementMulti-factor authenticationHost-based securityIntrusion detectionSecurity event managementActive/passive system scanningDefense-in-depthRecent experience and familiarity with creating/updating Assessment and Authorization (A&A) packages for RMF Authority to Operate (ATOs) is required.Preferred Qualifications:Application experience hardening Windows and Linux servers and workstations in accordance with GPOs, IAVMs, and STIGs is desired.Network design and software engineering backgrounds are a plus.Recent hands-on experience with Agile execution, tools, and methodologies is highly preferred.Highly desired experience with using Scripting Languages such as Python and PowerShell to solve complex data analysis problems along with in-depth cyber vulnerability analysis.Highly desired familiarity with vulnerability scanning and analysis tools such as:ACAS (Tenable.sc / Nessus Vulnerability scanner)Evaluate-STIGSTIG ManagerTrivyWhat We Can Offer You:
Northrop Grumman provides a comprehensive benefits package and a work environment that encourages your growth and supports the mutual success of our people and our company.Salary Range:
$87,200 - $130,800. The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills, and current market conditions.U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.
#J-18808-Ljbffr