Cyber Systems Engineer (level 2 or 3)

Northrop Grumman Northrop Grumman · Aerospace · Dulles, VA +1 · Cyber

Cyber Systems Security Engineering position at Northrop Grumman focused on securing complex satellite systems, communications links, and ground command & control systems. Responsibilities include architecting, implementing, and satisfying RMF Cybersecurity requirements, performing Attack Surface Analysis, implementing COTS security products, supporting space vehicle hardening, and performing system vulnerability scanning and remediation. Requires experience with security products, platform hardening, and cybersecur.

What you'd actually do

  1. Work as part of an integrated product team (IPT) to architect, implement, and satisfy Risk Management Framework (RMF) CyberSecurity, CyberResilience, and/or CyberSurvivability requirements of satellite systems, communications links, and ground command & control (C2) systems.
  2. System Security Engineering Requirements management in support of program protection (PP) requirements, work with systems engineers to decompose system-level security controls into technical performance requirements across the segments and down to specific components, across disciplines Anti-Tamper, TEMPEST, Cybersecurity (RMF), and cryptographic component integration/development.
  3. Perform Attack Surface Analysis (ASA) and prepare Systems Security Plan (SSP) documentation for complex space systems, including Risk Assessment Reports (RAR), Security Control Traceability Matrices (SCTM), Security Assessment Procedures, and POA&Ms
  4. Implement and maintain COTS security products (firewalls, anti-virus, two-factor authentication, SIEM tools, etc. within terrestrial systems
  5. For space segments, you will support design and implementation of space vehicle hardening, for embedded processors and flight software.

Skills

Required

  • Risk Management Framework (RMF)
  • CyberSecurity
  • CyberResilience
  • CyberSurvivability
  • satellite systems
  • communications links
  • ground command & control (C2) systems
  • program protection (PP)
  • Anti-Tamper
  • TEMPEST
  • cryptographic component integration/development
  • Attack Surface Analysis (ASA)
  • Systems Security Plan (SSP)
  • Risk Assessment Reports (RAR)
  • Security Control Traceability Matrices (SCTM)
  • Security Assessment Procedures
  • POA&Ms
  • COTS security products
  • firewalls
  • anti-virus
  • two-factor authentication
  • SIEM tools
  • space vehicle hardening
  • embedded processors
  • flight software
  • real-time operating systems
  • secure coding best practices
  • mission critical operational systems
  • Commercial, Federal Civilian agency, Department of Defense (DoD), Intelligence Community, and/or Special Access Program, Cyber/SSE security controls
  • Agile engineering environment
  • Static Code Analysis (SCA) tool findings
  • Systems engineering
  • assembly
  • integration
  • test activities
  • Cross Domain Solutions
  • cryptographic devices
  • controlled interfaces
  • Mission Unique Software (MUS)
  • computing clouds
  • highly virtualized environments
  • Certification To Field (CTF)
  • Cyber Test & Evaluation
  • system vulnerability scanning
  • remediation
  • patch management
  • Windows operating systems
  • Red Hat operating systems
  • COTS applications
  • GOTS applications
  • virtualized environments
  • cloud environments
  • Standard Operating Procedures (SOPs)
  • software patch installation
  • flaw remediation
  • antivirus updates
  • continuous monitoring (ConMon)
  • security policies and procedures
  • system security authorization package
  • DISA Host Based Security System (HBSS)
  • Endpoint Security Suite (ESS) solutions
  • industry platform hardening practices
  • DISA Security Technical Implementation Guide (STIG) implementation
  • documentation of deviations and mitigations

What the JD emphasized

  • CLEARANCE REQUIRED FOR START: Yes
  • CLEARANCE TYPE: SCI
  • TS clearance transfer