Northrop Grumman is an aerospace, defense and security company that provides training and satellite ground network communications software. They are seeking a Cybersecurity Analyst to support the JTAGS program, focusing on security assessments, compliance audits, and vulnerability management while collaborating with system administrators to implement secure configurations.
Contribute to the development and enforcement of strong program controls aimed at effectively mitigating identified security risks.
Assist in the preparation and upkeep of essential documentation for system certification and accreditation processes.
Support the planning, coordination, and documentation of security certification testing activities.
Conduct research on emerging technologies and their potential impact on the program’s security landscape.
Participate in regular security inspections and audits
Support in the development of technical standard operating processes and procedures as needed
Provide analysis, design, development, implementation and security assessments to ensure compliance with National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, CNSSI 1253, and DoD RMF Knowledge Service guidance.
Hardening and securing information systems and network gear while understanding the operational and security impacts of various security configurations
Troubleshooting, identifying, and resolving system failures in a timely manner
Participating in technical interchange meetings
Providing support for development and enhancement of security engineering inputs to program documentation, security authorization packages, CDRLs, and research & development reports.
Qualification
Required
Bachelor's degree in cybersecurity or related STEM field with 2 years of experience OR Master's degree with 0 experience
Active IAT Level II (ie. CompTIA Security+) certification or DOD 8140 Foundational Qualification
Active Secret security clearance
Basic proficiency in RHEL OS command line and/or Windows PowerShell
Applies basic technical expertise and skillset under general supervision to work cybersecurity projects and tasks IAW required DoD security and cybersecurity instructions, policies, frameworks, etc., including: Scanning and reporting cybersecurity vulnerabilities discovered through use of audit reduction tools and/or the DISA Automated Security Compliance Assessment Solution (ACAS) tool (Tenable Security Center and Tenable NESSUS Scanner), Performing STIG compliance scans using Xylok or other STIG scanning tools, Identifying & applying DISA STIGs/hardening systems
Possesses basic understanding and experience with NIST SP 800-37 RMF for DoD Systems, including Can navigate the IAW NIST/DoD RMF processes, Has basic knowledge of SP 800-53 security and privacy controls, as well as selecting and applying the appropriate overlays
Preferred
Basic knowledge of security risks & strategies, SIEM, antivirus, proxies, firewalls, and intrusion detection concepts, tools, and processes
Experience in creating, editing, and updating program CDRLs
Beginner skillset and/or familiarity with Trellix Endpoint Security Solutions (ESS)
Experience with Hyper-V and/or VMware
Experience with JTAGS system
Possesses working knowledge of Splunk
Experience implementing DevSecOps practices and principles for release management
Experience with satellite communications ground system(s) and/or missile warning system(s)
Experience supporting US Space Force development or sustainment program(s) as a defense contractor
Working knowledge and/or experience with JIRA for task assignment, status tracking, and execution
Benefits
Health insurance coverage
Life and disability insurance
Savings plan
Company paid holidays
Paid time off (PTO) for vacation and/or personal business
Northrop Grumman is an aerospace, defense and security company that provides training and satellite ground network communications software.
Glassdoor
4.0
Founded in 1994
Falls Church, Virginia, USA
10001+ employees
https://www.northropgrumman.com
Northrop Grumman is an aerospace, defense and security company that provides training and satellite ground network communications software.