Cyber Engineer 3/4

Are you interested in expanding your career through experience and exposure, all the while supporting a mission that seeks to ensure the security of our nation and its allies? If so, then Northrop Grumman may be the place for you. As a leading global security company providing innovative systems, products and solutions to customers worldwide, Northrop Grumman offers an extraordinary portfolio of capabilities and technologies. Here at Northrop Grumman we are comprised of professionals that bring different perspectives, are curious about the world, accepting of each other, and understand that the more ideas, backgrounds, and experiences we bring to our work then the more innovative we can be. As we continue to build our talented workforce we look for professionals that exemplify our core values, leadership characteristics, and approach to innovation.

Roles and Responsibilities:

The Cyber Engineer will be responsible for providing Information Systems Security Officer (ISSO) support to maintain active Authorization to Operate (ATO) status. The Cyber Engineer will be providing support in all duties relating to cybersecurity. This requisition maybe filled at a higher grade based on qualifications listed below.
Static code analysis using HP Fortify.
Provide subject matter expert guidance and expertise throughout the entire NIST Risk Management Framework (RMF) process.
Ensure the system is hardened against all threats through use of required hardening guides, identify system vulnerabilities, facilitate the remediation of system vulnerabilities, and prepare systems for independent verification and validation (IV&V) in order to obtain and maintain an active ATO status. Develop and maintain RMF Assessment & Authorization (A&A) packages.
Support all configuration changes to the system to ensure a secure baseline is maintained and no unsecure modifications are introduced to the system.
Support the implementation of continuous monitoring.
Perform annual testing of Continuity of Operations Plans and Incident Response Plans.
Provide HIPAA, privacy, and security training to internal team.
Develop, update, and maintain all required documentation to support the A&A package.
Ensure compliance with IAVM and USCYBERCOM requirements.
Support any and all incident and spillage handling actions.

BasicQualifications:

This position may be filled by either a Level 03 or a Level 04 candidate.

BQs for a Cybersecurity Engineer 03 are:

Bachelor's degree in Computer Engineering/Science, Information Systems, Cybersecurity, or a technically relevant field of study with 5 years of overall experience.
3 years in a cybersecurity role, providing cybersecurity expertise for projects and programs for Government or Industry customers.
3 years of experience performing day-to-day ISSE responsibilities for system / product teams, and working with system administrators to implement security controls and remediating vulnerabilities.
Proven ability to perform hands-on security test & evaluation of large-scale, complex, Linux-based systems against current NIST standards.
Familiarity with supporting the sustainment activities for System Security Plans (SSPs) following the Risk Management Framework process for national level mission systems.
Shall coordinate and work with various system stakeholders to determine the applicable security/IA requirements based on the intent of the NIST 800-53, and CNSS 1253 security requirements
Shall coordinate with program management and other stakeholders to track and maintain risks associated with multiple mission Information Systems to ensure compliance with all IA requirements and national level directives
Shall have experience in the management and maintenance of systems required to satisfy the A&A requirements under the NIST 800-37, NIST 800-53, and the CNSS 1253
Must be US Citizen and able to obtain and maintain a Secret clearance

BQs for a Cybersecurity Engineer 04 are:

Bachelor's degree in Computer Engineering/Science, Information Systems, Cybersecurity, or a technically relevant field of study with 9 years of overall experience.
7 years in a cybersecurity role, providing cybersecurity expertise for software intensive projects and programs for Government or Industry customers.
7 years as a Security Engineer supporting software architecture development.
7 years of experience performing day-to-day ISSE responsibilities for system / product teams, and working with system administrators to implement security controls and remediating vulnerabilities.
Shall have proven ability to perform hands-on security test & evaluation of large-scale, complex, Linux-based systems against current NIST standards
Shall have familiarity with supporting the sustainment activities for System Security Plans (SSPs) following the Risk Management Framework process for national level mission systems
Shall coordinate and work with various system stakeholders to determine the applicable security/IA requirements based on the intent of the NIST 800-53, and CNSS 1253 security requirements
Shall coordinate with program management and other stakeholders to track and maintain risks associated with multiple mission Information Systems to ensure compliance with all IA requirements and national level directives
Shall have experience in the management and maintenance of systems required to satisfy the A&A requirements under the NIST 800-37, NIST 800-53, and the CNSS 1253
Must be US Citizen and able to obtain and maintain a Secret clearance

Preferred Qualifications:
Active Secret clearance
One or more of the following certifications is highly desired: Security+, CISSP, CISM, CISA, GSEC, CEH
Master's Degree in either Computer Engineering/Science, Information Systems, Cybersecurity, or other technically relevant field of study
Experience with DISA STIGs and SRGs
Experience using one or more of the following tools: HP Fortify, WebInspect, AppDetective Pro, ACAS
Experience managing A&A packages in eMASS
Experience in consulting to the Defense Health Agency (DHA)
Experience with the Theater Medical Information Program Joint (TMIP-J) legacy systems including AHLTA-T, TC2, MCC, TMDS, MMM, DTRS, MSAT, TRAC2ES, DCAM
Experience with MHS Genesis
Experience in healthcare industry
Past experience working in CMMI Maturity Level 3 environment, supporting Government programs

Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO . U.S. Citizenship is required for most positions.${descr2}${descr3}


Back to top