Northrop Grumman Corp. (AU)
Principal Cyber Systems Engineer – Cybersecurity Engineer (24-250)
Northrop Grumman Corp. (AU), Denver, Colorado, United States,
Requisition ID: R10166525
Category:
Information Technology
Location:
Schriever AFB, Colorado, United States of America
Clearance Type:
Top Secret
Telecommute:
No - Teleworking not available for this position
Shift:
Days (United States of America)
Travel Required:
Yes, 10% of the Time
Positions Available:
1
At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work — and we have an insatiable drive to do what others think is impossible.
Northrop Grumman Space Systems – Launch and Missile Defense Systems has an exciting career opportunity for a Principal Cyber Systems Engineer – Cybersecurity Engineer (24-250) to join our team of qualified, diverse individuals. This position will be at Schriever Space Force Base, Colorado Springs, CO.
Position Overview:
The Command and Control, Battle Management, and Communications (C2BMC) program integrates the Missile Defense System. It is a vital operational system that enables the U.S. president, secretary of defense, and combatant commanders at strategic, regional, and operational levels to systematically plan ballistic missile defense operations, to see the battle develop collectively, and to dynamically manage designated networked sensors and weapons systems to achieve global and regional mission objectives.
Essential Functions:
Process and track DD Form 2875 user account forms and required training for privileged and non-privileged accounts, validate annual accounts, and work with the system administrator to create, modify, and remove accounts.
Assess systems and networks within a virtual environment and identify where they deviate from acceptable configurations, enclaves, or local policies.
Develop test plans reflecting how STIG checks are implemented and be able to show the expected outcomes of those checks.
Update the Risk Management Framework (RMF) artifact documentation to ensure non-compliant system hardening is tracked and remediated.
Establish strict program control processes to ensure risk mitigation and support obtaining system assessment and authorization.
Support process, analysis, coordination, control certification test, compliance documentation, investigations, software research, hardware introduction and release, emerging technology research, inspections, and periodic audits.
Assist in implementing the required government policy (i.e., NISPOM, NIST, DoD), making recommendations on process tailoring, and participating in and documenting process activities.
Perform analyses to validate established cybersecurity controls and requirements and to recommend cybersecurity safeguards.
Support program test milestones through pre-test preparations, participating in the tests, analysis of the results, and preparation of required artifacts supporting authorization.
Prepare artifacts such as Test Results (TR), Authorization Boundary Diagrams (ABD), Network Topologies, Flow-diagrams, Hardware and Software listings, Ports, Protocols, and Services Management documentation, supporting Assessment and Authorization activities and maintain the Plan of Actions and Milestones (POA&M).
Periodically review each program support and operational system's audits and monitor corrective actions until all actions are closed.
Coordinate across the program to address identified deficiencies during RMF assessment activities.
Basic Qualifications:
An active top-secret clearance is required to start.
5 years' experience with a STEM Bachelor’s degree in a related field; 3 years' experience with a STEM Master's degree in a related field; OR 9 years' experience in lieu of a degree.
Must possess a DoD 8140 certification at IAT Level II/IAM Level I or higher (Security+, GSEC, SCNP, SSCP, CISSP, CISA, GSE, SCNA).
Must have passive evaluations, such as compliance audits using STIG Viewer, SCAP, etc., and active evaluations, such as vulnerability assessments utilizing ACAS.
Perform Security Technical Implementation Guide (STIG) assessments and hardening for both Windows, Red Hat Enterprise Linux (RHEL) systems, and networking equipment utilizing ConfigOS.
Security engineering skills with a working knowledge of cybersecurity technology and DoD/Federal cybersecurity policy (i.e., DoDI 8500.01, NIST SP 800-53, etc.).
Must understand and utilize Enterprise Mission Assurance Support Service (eMASS).
Understanding of Risk Management Framework (RMF) Cybersecurity Lifecycle to identify controls and overlays, generate testable requirements, identify resilient architecture design, configure, run, and script audit tools, provide vulnerability analyses, and conduct verification testing for compliance assessment.
Knowledge of Software Assurance (SwA) static and dynamic code analysis (e.g., Fortify/SonarQube).
Preferred Qualifications:
Windows and Red Hat Enterprise Linux (RHEL) system administration skills are highly desired.
Previous background working in a virtual environment.
Previous background working with dockers and containers.
Administering ACAS and ESS (formally HBSS) is highly desired.
Previous experience with ConfigOS is desired.
What We Can Offer You:
Northrop Grumman provides a comprehensive benefits package and a work environment that encourages your growth and supports the mutual success of our people and our company. Your benefits will include the following:
Health Plan
Savings Plan
Paid Time Off
Education Assistance
Training and Development
Flexible Work Arrangements
Salary Range:
$107,300 - $160,900
The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.
Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit. U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.
#J-18808-Ljbffr
Category:
Information Technology
Location:
Schriever AFB, Colorado, United States of America
Clearance Type:
Top Secret
Telecommute:
No - Teleworking not available for this position
Shift:
Days (United States of America)
Travel Required:
Yes, 10% of the Time
Positions Available:
1
At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work — and we have an insatiable drive to do what others think is impossible.
Northrop Grumman Space Systems – Launch and Missile Defense Systems has an exciting career opportunity for a Principal Cyber Systems Engineer – Cybersecurity Engineer (24-250) to join our team of qualified, diverse individuals. This position will be at Schriever Space Force Base, Colorado Springs, CO.
Position Overview:
The Command and Control, Battle Management, and Communications (C2BMC) program integrates the Missile Defense System. It is a vital operational system that enables the U.S. president, secretary of defense, and combatant commanders at strategic, regional, and operational levels to systematically plan ballistic missile defense operations, to see the battle develop collectively, and to dynamically manage designated networked sensors and weapons systems to achieve global and regional mission objectives.
Essential Functions:
Process and track DD Form 2875 user account forms and required training for privileged and non-privileged accounts, validate annual accounts, and work with the system administrator to create, modify, and remove accounts.
Assess systems and networks within a virtual environment and identify where they deviate from acceptable configurations, enclaves, or local policies.
Develop test plans reflecting how STIG checks are implemented and be able to show the expected outcomes of those checks.
Update the Risk Management Framework (RMF) artifact documentation to ensure non-compliant system hardening is tracked and remediated.
Establish strict program control processes to ensure risk mitigation and support obtaining system assessment and authorization.
Support process, analysis, coordination, control certification test, compliance documentation, investigations, software research, hardware introduction and release, emerging technology research, inspections, and periodic audits.
Assist in implementing the required government policy (i.e., NISPOM, NIST, DoD), making recommendations on process tailoring, and participating in and documenting process activities.
Perform analyses to validate established cybersecurity controls and requirements and to recommend cybersecurity safeguards.
Support program test milestones through pre-test preparations, participating in the tests, analysis of the results, and preparation of required artifacts supporting authorization.
Prepare artifacts such as Test Results (TR), Authorization Boundary Diagrams (ABD), Network Topologies, Flow-diagrams, Hardware and Software listings, Ports, Protocols, and Services Management documentation, supporting Assessment and Authorization activities and maintain the Plan of Actions and Milestones (POA&M).
Periodically review each program support and operational system's audits and monitor corrective actions until all actions are closed.
Coordinate across the program to address identified deficiencies during RMF assessment activities.
Basic Qualifications:
An active top-secret clearance is required to start.
5 years' experience with a STEM Bachelor’s degree in a related field; 3 years' experience with a STEM Master's degree in a related field; OR 9 years' experience in lieu of a degree.
Must possess a DoD 8140 certification at IAT Level II/IAM Level I or higher (Security+, GSEC, SCNP, SSCP, CISSP, CISA, GSE, SCNA).
Must have passive evaluations, such as compliance audits using STIG Viewer, SCAP, etc., and active evaluations, such as vulnerability assessments utilizing ACAS.
Perform Security Technical Implementation Guide (STIG) assessments and hardening for both Windows, Red Hat Enterprise Linux (RHEL) systems, and networking equipment utilizing ConfigOS.
Security engineering skills with a working knowledge of cybersecurity technology and DoD/Federal cybersecurity policy (i.e., DoDI 8500.01, NIST SP 800-53, etc.).
Must understand and utilize Enterprise Mission Assurance Support Service (eMASS).
Understanding of Risk Management Framework (RMF) Cybersecurity Lifecycle to identify controls and overlays, generate testable requirements, identify resilient architecture design, configure, run, and script audit tools, provide vulnerability analyses, and conduct verification testing for compliance assessment.
Knowledge of Software Assurance (SwA) static and dynamic code analysis (e.g., Fortify/SonarQube).
Preferred Qualifications:
Windows and Red Hat Enterprise Linux (RHEL) system administration skills are highly desired.
Previous background working in a virtual environment.
Previous background working with dockers and containers.
Administering ACAS and ESS (formally HBSS) is highly desired.
Previous experience with ConfigOS is desired.
What We Can Offer You:
Northrop Grumman provides a comprehensive benefits package and a work environment that encourages your growth and supports the mutual success of our people and our company. Your benefits will include the following:
Health Plan
Savings Plan
Paid Time Off
Education Assistance
Training and Development
Flexible Work Arrangements
Salary Range:
$107,300 - $160,900
The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.
Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit. U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.
#J-18808-Ljbffr