Information Systems Security Engineer (ISSE)
The Information Assurance Engineer will be assigned as an Information Systems Security Engineer (ISSE) responsible for:
Working as part of an integrated team to architect, implement, and satisfy Risk Management Framework (RMF) cybersecurity requirements of networks and systems within the space domain, i.e., across ground, communications, and space segments.
Preparing and executing assessment procedures to verify conformance with Department of Defense (DoD), Intelligence Community, Special Access Program, and US Air Force security control requirements.
Conducting system vulnerability scanning, remediation and patch management activities on Windows and Red Hat operating systems and various COTS/GOTS applications, including those within virtualized environments.
Ensuring systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the security authorization package.
Conducting weekly systems audits using a combination of automated tools and manual log reviews.
Assisting with software patch installation, antivirus updates, and continuous monitoring activities.
Designs and implements information assurance and security engineering systems with requirements of business continuity, operations security, cryptography, forensics, regulatory compliance, internal counter-espionage (insider threat detection and mitigation), physical security analysis (including facilities analysis, and security management). Assesses and mitigates system security threats and risks throughout the program life cycle. Validates system security requirements definition and analysis. Establishes system security designs. Implements security designs in hardware, software, data, and procedures. Verifies security requirements; performs system certification and accreditation planning and testing and liaison activities. Supports secure systems operations and maintenance.
US citizen with active Top Secret security clearance.
BS degree and 5 years of IA or cybersecurity experience, preferably within the defense or aerospace industry.
Current DoD 8570 IASAE Level II certification (i.e., CASP CE, CISSP (or associate) or CSSLP) strongly preferred.
Recent hands-on experience implementing and operating DISA Host Based Security System (HBSS) or Endpoint Security Suite (ESS) solutions.
Hands-on experience with Security Technical Implementation Guide (STIG) implementation, as well as documentation of deviations and mitigations.
Experience remediating, mitigating, and reporting cybersecurity vulnerabilities discovered through use of audit reduction tools and/or the DISA Automated Security Compliance Assessment Solution (ACAS) tool.
Experience implementing the RMF process from system categorization through continuous monitoring.
Excellent technical document preparation skills with a demonstrated ability to communicate with a variety of stakeholders ranging from technical staffers up to senior program managers.
Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO . U.S. Citizenship is required for most positions.
Back to top