Computer Sys Security Anlyst
Are you interested in the opportunity to work for an industry-leading company whose work with cutting-edge technology is driven by something human: the lives our technology protects? If so, Northrop Grumman may be the place for you. It's not the systems that drive us: it's the soldier our systems bring home. It's not just the equipment that motivates us: it's the people our equipment protects. It's not the innovation that gets us up in the morning: it's whom those innovations serve. We're united by our work to help people and protect the world. And that mission makes our team even stronger.
When you join Northrop Grumman, you'll have the opportunity to connect with coworkers in an environment that's uniquely caring, diverse, and respectful. Employees share experiences, insights, perspectives, and creative solutions with some of the best minds in the industry. We collaborate through integrated product teams, cross-functional teams, and employee resource groups, while thriving through the support of training and development, mentors and every day coaching, along with extensive health and work/life benefits. We're committed to our employees' professional and personal development and success.
Northrop Grumman recruits top talent with traditional and non-traditional backgrounds in order to ensure our team is united, connected, skilled, focused and innovative. An inclusive workplace of people with diverse backgrounds, experiences, and perspectives is the key to our performance. At Northrop Grumman, we want our employees to bring their whole self to work. All your different sides are welcome here, as we believe they make our team, our products and our services, that much better.
The qualified applicant will provide IT Security support to various international and domestic CDC information systems and serve as an IT Security consultant and advisor to system stakeholders on matters related to regulatory compliance, security controls, threats and vulnerabilities.
- Develop and maintain a solid working knowledge of CDC, HHS, and Federal security regulations, policies, laws, and requirements.
- Work extensively with multiple senior-level stakeholders (system owners, mission leads, IT Governance, and the Information Systems Security Officer (ISSO)) in the conduct of system compliance and protection activities covering both domestic and international projects.
- Work with mission / technical teams to perform security analysis on in-development technical solutions and provide security compliance and guidance input as required
- Formally evaluate systems (either in development or in production) for compliance with Federal security requirements and develop corresponding documentation
- Assist system owners with identifying and utilizing relevant enterprise shared services and solutions to enable compliance and security activities
- Develop System Security Authorization (SSA) packages and manage the end-to-end SSA process for assigned systems including development of NIST-compliant System Security Plans, Rules of Behavior, Continuity of Operations and Disaster Recovery Plans, Risk Assessments, Interconnection Security Agreements, Incident Response Plans, Privacy Impact Assessments, Data Sharing / Use Agreements, etc.
- Develop and maintain system risk assessments and, as/if needed, remediation and mitigation plans
- Following formal approval, maintain system authorizations through proactive monitoring of system compliance, formal change management, corrective actions, and package updates.
- Become a trusted security subject matter expert supporting various mission leaders and activities
- Perform technical IT system security/vulnerability assessments using provided tools – interpret results and manage remediation's as needed
- Support various other security-related activities including facilitation of change control processes and data call responses; management of encrypted / secure data storage devices; and the evaluation, justification, and management of software and third party website approvals
- Some level of remote work and schedule flexibility (due to international project teams) is anticipated and will be determined on a case-by-case basis. No on-call requirements.
- Overseas travel may be required (3-5 trips per year)
- Bachelor's degree in Computer Science, Information Systems Management, or a related field and 5 years of experience. Additional 4 years of experience maybe accepted to satisfy the degree requirement.
- Demonstrated knowledge of computer operating systems and networks, component architectures, application development, and/or data management processes and technologies – the successful candidate must understand the fundamental technical components, processes, and interactions of enterprise-level information systems
- Demonstrated knowledge of fundamental information security concepts and processes such as risk assessment and mitigation strategies, security control techniques and technologies, assessment and evaluation methods, and user access control methodologies
- Excellent analytic skills – the successful candidate must be able to receive information, digest it, and apply standards and requirements to that information and in order to produce a clear and effective evaluation / assessment
- Excellent communication skills - both written and verbal
- Demonstrated facility with technical documentation
- Demonstrated problem-solving capability
- Ability to effectively manage time, and prioritize and execute tasks in a high-pressure environment
- Must be able to work independently and within deadlines
- Must be able to pass required Federal background screening / security check including basic and expanded investigations
- Desire and ability to quickly obtain industry certifications if needed
Candidates with these desired skills will be given preferential consideration:
- 3 or more years' experience with Federal System Security Authorization processes / methodologies
- One or more industry certifications including CISSP, SANS GIAC Certifications, and NSA's IAM/IEM
- Experience with industry standard security / vulnerability assessment tools
- Security policy development and process implementation experience in Federal agencies - CDC / HHS preferred
- Government and/or CDC experience
- International experience, especially in a health-related field
- Must be able to obtain a US DoD security clearance if required
Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.
Meet Some of Northrop Grumman's Employees
Jacqueline operates on power electronics for Northrop Grumman’s space application projects. She meets with engineering groups, chats with customers, and works on circuit analysis.
Back to top