Principal/Sr. Principal Cyber Systems Engineer - CDS

At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history.

• Level 03, Principal: Bachelor's Degree with 5 years' experience, master's degree and 3 years of experience, or PhD with 0 years of experience. An additional 4 years of experience may be considered in lieu of degree.
• Level 04, Sr Principal: Bachelor's Degree with 9 years' experience, master's degree and 7 years of experience, or PhD with 4 years of experience . An additional 4 years of experience may be considered in lieu of degree.
• Must possess an active TS/SCI clearance.
• Must have experience with Linux and Windows Operating Systems .
• Must have experience in Software Development, System Administration, or Network Engineering.
• Understanding of and previous experience with Cross Domain Solutions (CDS) and the National Cross Domain S olutions and Management Office (NCDSMO) suite of Raise The Bar (RTB) requirements.

• Experience applying agile methodologies to the development of cybersecurity capabilities for embedded systems.
• Experience with NSA Type-1 certification process, Cross Domain Solution implementation and certification, or Multi-Level Security systems implementation.
• Experience working on a multidisciplinary team and writing technical proposals.
• Excellent communication, and interpersonal skills, and the ability to interface with all levels of employees and management.
• Familiarity with U.S Government Anti-Tamper (AT) processes and implementations
• Experience with DoD System Security Engineering activities.
• Experience with Risk Management Framework (RMF), Security Technical Implementation Guide (STIG) and requirements development.

• Possess a current ISC2 CISSP certification.
• Current DoD 8570 IAM level III, security certification (examples: CISSP, CISM, etc.).
• Minimum 10 years of experience performing information systems security duties.
• Demonstrated experience in networking and complex architectures to include cross-domain solutions.
• Demonstrated experience with NIST 800-53 policies, WAN auditing reviews IAW DAAPM/JSIG requirements, & writing entire RMF Bodies of Evidence to obtain and maintain ATO for classified systems.
• Mastery of RED/BLACK boundary definition, TEMPEST considerations, Crypto units, Cross Domain Solutions, and Controlled Interfaces within space systems.
• RMF SSP including SCTM, RAR, POAMs, and relevant artifacts (Incident Response Plan, Contingency Plan, ConMon Plan, as appropriate) .
• Key & Certificate Management Plan (KCMP)
• Program Protection Implementation Plan (PPIP) and Cybersecurity Strategy.
• Ensuring systems are operated , maintained, and disposed of in accordance with security policies and procedures as outlined in the system security authorization package (SSP, RAR, SCTM, ConMon Plan).
• Championing automation efforts across all DevSecOps disciplines to routinely accomplish SCAP SCANs, developing and running NIST 800-53a Verification Procedures, and automating manual STIG checklists.