Northrop Grumman is a leading aerospace and defense technology company, and they are seeking a Cyber Systems Engineer – Level 2 to join their team in Huntsville, AL. The role involves supporting the Ground Weapons System program with a focus on cybersecurity compliance and system security requirements throughout the development lifecycle.
Manage Configuration Control Board (CCB) meetings to include management of Information System with emphasis on Change Management for proposed software/hardware changes, focusing on potential security impacts, risks, and compliance requirements IAW with NIST SP 800-53
Serve as a subject matter expert on RMF, software assurance, security impact analysis, and security controls by offering recommendations and guidance to the board and stakeholders
Review and Assess system security requirements and associated verification methods per RMF standards
Identify and/or assess vulnerabilities and susceptibility to life cycle disruptions, hazards, and threats
Provide security considerations to inform software engineering efforts with the objective of reducing errors, flaws, and weaknesses that may constitute security vulnerability leading to unacceptable asset loss and consequences
Identify, quantify, and evaluate the costs/benefits of security functions and considerations to inform analysis of alternatives, implementation trade-offs, and risk treatment decisions
Design, plan, implement, and perform assessment of security controls, polices, and processes compliance with National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, CNSSI 1253, and DoD RMF Knowledge Service guidance
Participate in team reviews of technical requirements, design and implementation plans prior to deployment
Assist with ensuring the product requirements integrate into the total systems solutions that acknowledge technical, schedule, and cost constraints
Qualification
Required
Bachelor's Degree in a STEM (Science, Technology, Engineering or Mathematics) discipline from an accredited university and 2 years of cyber systems engineering experience, or a Master's Degree in a STEM field with 0-2 years of cyber systems engineering experience
Ability and willingness to travel up to 10% of the time to support business needs
Applicants must have a current active in-scope U.S. Government DoD issued Secret security clearance at the time of application which is required to start
Must currently possess DoD 8140/8570 certification (e.g. Security+ CE)
Experience with Agile software development methodologies
Experience with ITIL framework, with hands on experience designing, implementing, and managing IT service management processes (Incident, Problem, Change, Release, Service Request, and Continual Service Improvement)
Experience with Risk Management Framework IAW with NIST SP 800-53
Experience in developing and implementing a security baseline and must be able to communicate their significance and relevancy in a clear, detailed manner
Applicants must possess excellent written and verbal communication skills
Applicants must demonstrate ability to think critically and capture concepts in work products, presentations, and discussions
Capable of working both independently and within a team environment
Experience with Windows/Linux operating systems and Virtual Machines (VMs)
Understanding of the software development lifecycle and agile development methodology
Preferred
Experience working on the Ground-based Midcourse Defense (GMD) Weapon System (GWS) program
Experience with the implementation of Public Key Infrastructure (PKI) solutions and compliance
Familiarity with Java, C++, or Python
Experience with Information Technology Service Management (ITSM) Solution such as ServiceNow, ServiceDesk Plus, or Jira Service Manager
Experience with Atlassian tool suite and DevSecOps (Jira, BitBucket, Confluence, Artifactory, Jenkins)
Experience using software test automation tools/frameworks (e.g. Eggplant)
Experience working with Systems Engineering disciplines
Experience with using modern code editors (e.g. Visual Studio Code)
The ability to learn new technologies quickly and independently solve problems in a fast-paced environment
Experience working with Nessus Vulnerability Scanner and Synopsis Blackduck Binary Analyzer
Experience working with static and dynamic code analysis
Experience with Cyber Resiliency, Software Assurance, Attack Surface Analysis, Threat Assessment, Operations Security Plans, Defensive Cyberspace Operations, IT/Cybersecurity Strategies, Enterprise Architecture frameworks (e.g. DoDAF), and related documentation IAW DoDI 8500.01, DoDI 8510.01, and NIST SP 800-53
Certification at or exceeding IASAE level 1 (CISSP or CASP minimum and CISSP-ISSEP for Level III)
Benefits
Health insurance coverage
Life and disability insurance
Savings plan
Company paid holidays
Paid time off (PTO) for vacation and/or personal business
Northrop Grumman is an aerospace, defense and security company that provides training and satellite ground network communications software.
Glassdoor
4.0
Founded in 1994
Falls Church, Virginia, USA
10001+ employees
https://www.northropgrumman.com
Northrop Grumman is an aerospace, defense and security company that provides training and satellite ground network communications software.
