Cyber Protection Principal/sr. Principal Engineer-aht

Northrop Grumman Northrop Grumman · Aerospace · Warner Robins, GA +2 · Cyber

Northrop Grumman is seeking a Cyber Protection Principal Engineer for DAF CLOUDworks, focusing on cloud penetration testing, adversarial emulation, red team operations, and container security assessments within a cleared DoD environment. Requires strong offensive security background and expertise in AWS and Azure. The role involves maintaining and enhancing capabilities in secure cloud programs, including information security, infrastructure development, and cloud migration.

What you'd actually do

  1. Maintain and enhance capabilities in support of DAF CLOUDworks
  2. Provide technical support of customers leveraging DAF CLOUDworks
  3. Focus on cloud penetration testing, adversarial emulation, red team operations, and container security assessments within a cleared DoD environment
  4. Support operations and sustainment, modifying and enhancing offerings to implement new requirements, enhance functionality, increase efficiency, or lower operating/deployment
  5. Actively participate in the DAF CLOUDworks program, which spans multiple teams and areas of cloud engineering including information security, infrastructure development, and cloud migration.

Skills

Required

  • Bachelor’s degree in Science with 5+ years of software development experience (Level 3) or 8+ years (Level 4)
  • Active Top Secret/SCI clearance
  • IAT Level II or III certification (Security+, Pentest+, SecurityX,) within 60 days of start
  • Deep knowledge of cloud attack paths (IAM privilege escalation, metadata service abuse, misconfigured storage, cross-account trust exploitation, and OAuth/token abuse)
  • Proficiency with cloud-native offensive tooling (Pacu, AADInternals)
  • Proficiency with enumeration platforms (ScoutSuite, CloudFox, Prowler, ROADtools)

Nice to have

  • Prior DoD or IC classified environment experience
  • Familiarity with adversary simulation platforms (Cobalt Strike, Sliver, Havoc)
  • Experience developing and executing cyber tabletop exercises
  • Hands-on experience with Docker and Kubernetes security assessments
  • Strong scripting skills in Bash, Python, and PowerShell
  • Working knowledge of MITRE ATT&CK as applied to cloud and hybrid environments
  • OSCP, CPTS, PNPT, GPEN, GXPN, GCPN, AWS Security Specialty, or AZ-500 certifications
  • Jira and Confluence for sprint and documentation workflows
  • GitHub for version controlled tooling and collaborative code review

What the JD emphasized

  • active Top Secret/SCI clearance
  • Deep knowledge of cloud attack paths
  • Proficiency with cloud-native offensive tooling