Systems Engineer, Staff - Cyber/Systems Security
At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems in air and space that impact people's lives around the world today, and for generations to come. Our work preserves freedom and democracy, and advances human discovery and our understanding of the universe. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have a lot of fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history.
The Northrop Grumman Aerospace Systems is seeking an exceptionally qualified and proven cyber/system security systems engineer to join our System Security Engineering team. The candidate must be capable of leading technical efforts in support of program cyber and system security execution across various IPTs and for a geographically dispersed team.
Role and Responsibilities:
Candidate will perform system security engineering activities supporting all phases of systems development in the areas of Cybersecurity / Information Assurance (IA) / system security engineering, and security assessment and authorization (A&A) as per RMF (Risk Management Framework) for multiple programs and R&D activities at the Redondo Beach, CA and El Segundo, CA locations for embedded and large-scale distributed DoD space, avionics, computer, and communication systems.
Specific responsibilities include the following:
•Define system security requirements, architecture, design, development, evaluation, certification, and accreditation for embedded and large-scale, distributed DoD avionics, computer, and communications systems.
•Apply risk management concepts to mitigate vulnerabilities in security architectures.
•Strong interpersonal, organizational, and teambuilding skills. Strong writing and oral presentation skills; ability to write final-version deliverable technical documents and reports.
•Work with subcontractors and commercial vendors in the selection and evaluation of secure operating systems, applications, networks, hardware, databases, etc.
•Present information in a positive manner to management and customers.
•Work on multiple simultaneous tasks.
•Apply advanced technical principles, theories, and concepts to programs.
•Work on unusually complex technical problems and provide solutions which are highly innovative.
•Derive assignments using self-initiative, then pursue courses of action necessary to obtain desired results.
•Develop advanced technological ideas and guide their development into a final product.
•Serve as organization spokesperson on advanced projects and/or programs.
•Act as advisor to management and customers on advanced technical research studies and applications.
•Collaborate on project management activities including planning, scheduling, budgeting and earned value.
•Lead security business development and acquisition activities including proposal development, estimation and technical evaluation responses.
•Review of selected controls in conjunction with customer selected control overlays to eliminate, mitigate or minimize Information System vulnerabilities with respect to the stated confidentiality, integrity, and availability
•Perform System Security Engineering trade-offs to examine cybersecurity, resiliency, and survivability design concepts, features, and countermeasures to minimize vulnerabilities, weaknesses, and implementation costs
•Coordinate program-wide effort to identify Critical Program Information and Critical Components driven by the Program Protection Implementation Plan
Candidates to have specific domain expertise in System Security Engineering (SSE) / Information Assurance (IA) / Cyber Security; experience providing life-cycle support of Information Assurance (IA) and Anti-Tamper (AT) for requirements, architecture, design, implementation, secure software practices, validation and testing, and Certification & Accreditation (C&A); applying system security engineering principles to provide realistic solutions designed to enhance the security posture; and evaluating different network and enclave configurations with respect to the D0DI 8510.01 and NIST 800-53 Security Controls and formulate effective Risk Management Framework (RMF) processes & accreditation packages; and write RMF-based policies and procedures, and develop sound IA/ Cybersecurity processes to include implementation. Must be able to prioritize and execute tasks and enjoy working in a collaborative team environment, prepare coherent and concise documentation required for certification evaluation.
•Bachelor degree in a STEM (Science, Technology, Engineering or Math) discipline and 14+ years of Systems Security or Systems Engineering experience in an Aerospace environment OR
•Masters of Science degree in a STEM (Science, Technology, Engineering, or Math) discipline and 12+ years of Systems Security or Systems Engineering experience in an Aerospace environment OR
•Doctorate degree in a STEM (Science, Technology, Engineering, or Math) discipline and 9+ years of Systems Security or Systems Engineering experience in an Aerospace environment
•Strong systems engineering knowledge of military/intelligence systems.
•Experience developing system security engineering products and system security architectures, including development of CONOPS, Cybersecurity, IA requirements, and IA test plans/procedures.
•Candidate must have, and be able to maintain, at least ONE of the following active U.S. Government security clearances:
- Dept of Defense Top Secret level with a background investigation date within 6 years OR
- SCI access with a Single Scope Background Investigation (SSBI) completed within 5 years OR
- Dept of Energy Q clearance with a Single Scope Background Investigation (SSBI) completed within 5 years OR
- Single Scope Background Investigation (SSBI) completed within 5 years
•Experience implementing cryptographic algorithms in software.
•Certification in one of the following: DoDI 8570 (CISSP), GSE, SCNA, GSLC, CISM.
•Experience in the development, monitoring, and enforcement of Cyber IA procedures and processes for classified information processing systems, to include implementation of system auditing.
•Experience developing security documentation in support of system security A&A (IATT/ATO) and compliance, including DoDI 8510.01, "Risk Management Framework (RMF) for DoD Information Technology (IT)", CNSSI No. 1253, and NIST SP 800-53
•Experience with multiple operating systems, such as Linux, Solaris, and Windows.
•Experience with networking, firewalls, intrusion detection, and penetration testing.
•Experience with HAIPE and/or NSA Type 1 crypto/key management development and integration.
•Experience with architecture/design practices for DoD system high, multi-level secure (MLS), and cross-domain systems.
•Experience with proposal development, program management, and business development.
•Experience with system architecture modeling, DODAF, UML, SysML, and use case development.
•Experience in key management for COTS/GOTS cryptographic units embedded in large systems.
Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO . U.S. Citizenship is required for most positions.
Back to top