Cyber Systems Engineer - Gilbert

Northrop Grumman Northrop Grumman · Aerospace · Gilbert, AZ +1 · Cyber

Cyber Systems Engineer at Northrop Grumman responsible for architecting, implementing, and satisfying Risk Management Framework (RMF) CyberSecurity, CyberResilience, and/or CyberSurvivability requirements for satellite systems, communications links, and ground command & control (C2) systems. Responsibilities include system security engineering, requirements management, attack surface analysis, preparing security documentation, implementing security products, supporting space vehicle hardening, and verifying security controls. The role involves working within an Agile environment and potentially triaging Static Code Analysis findings.

What you'd actually do

  1. Work as part of an integrated product team (IPT) to architect, implement, and satisfy Risk Management Framework (RMF) CyberSecurity, CyberResilience, and/or CyberSurvivability requirements of satellite systems, communications links, and ground command & control (C2) systems. You will engage with multiple engineering disciplines and contribute to the secure design of complex systems
  2. System Security Engineering Requirements management in support of program protection (PP) requirements, work with systems engineers to decompose system-level security controls into technical performance requirements across the segments and down to specific components, across disciplines Anti-Tamper, TEMPEST, Cybersecurity (RMF), and cryptographic component integration/development. You will ensure that Cyber requirements are included in the formal requirements tracking process and is Cyber/SSE contributor for a segment or subsystem
  3. Perform Attack Surface Analysis (ASA) and prepare Systems Security Plan (SSP) documentation for complex space systems, including Risk Assessment Reports (RAR), Security Control Traceability Matrices (SCTM), Security Assessment Procedures, and POA&Ms
  4. Implement and maintain COTS security products (firewalls, anti-virus, two-factor authentication, SIEM tools, etc. within terrestrial systems
  5. For space segments, you will support design and implementation of space vehicle hardening, for embedded processors and flight software. Experience with real-time operating systems, secure coding best practices, or other mission critical operational systems is required

Skills

Required

  • Experience designing systems/networks to use, or hands-on experience with industry platform hardening practices, such as DISA Security Technical Implementation Guide (STIG) implementation, as well as documentation of deviations and mitigations
  • Experience designing systems/networks to use, or scanning, remediating, mitigating, and reporting cybersecurity vulnerabilities discovered through use of audit reduction tools and/or the DISA Automated Security Compliance Assessment Solution (ACAS) tool or Tenable NESSUS
  • Experience implementing the RMF process from system categorization through continuous monitoring
  • Excellent technical document preparation skills with a demonstrated ability to communicate with a variety of stakeholders ranging from technical staffers up to senior program managers
  • Experience with real-time operating systems, secure coding best practices, or other mission critical operational systems is required

Nice to have

  • Experience with Anti-Tamper, TEMPEST, Cybersecurity (RMF), and cryptographic component integration/development
  • Experience with Static Code Analysis (SCA) tool findings (e.g. Fortify)

What the JD emphasized

  • SCI clearance
  • TS/SCI clearance transfer
  • RMF process
  • secure design
  • secure coding best practices