Cyber Systems Engineer - Level 2 or 3

Northrop Grumman Northrop Grumman · Aerospace · Aurora, CO +1 · Cyber

Cyber Systems Engineer role at Northrop Grumman, focusing on designing, planning, and implementing security controls and architectures in compliance with NIST and DoD standards. Requires experience with security tools like Rapid 7, Trellix, and Splunk, along with relevant security certifications and an active SCI clearance.

What you'd actually do

  1. Design, plan, implement, and perform assessment of security controls, polices, and processes compliance with National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, CNSSI 1253, and DoD RMF Knowledge Service guidance.
  2. Assist with the implementation of system security architectures.
  3. Provide advanced technical analyses of cyber infrastructure challenges and problems; develop/identify technical solutions responsive to customer needs.
  4. Participate in team reviews of technical requirements, design and implementation plans prior to deployment.
  5. Serve as a Cyber Security engineer (ISSE) supporting high-level technical and practical expertise.

Skills

Required

  • Bachelor's degree with 2 years of relevant experience or equivalent experience
  • Active Top Secret/SCI with Full Scope Polygraph
  • Experience with requirements development, derivation, system integration & test and validation and verification.
  • Security+ CE, CASP, CISSP, or similar security certification.
  • Experience in configuring and implementing Rapid 7, Trellix and Splunk

Nice to have

  • DoD 8570 IAM II/III Certification (CAP, GLSC, CISSP, CASP CE).
  • Certification at or exceeding IASAE level 1 (CISSP or CASP or CSSLP minimum and CISSP-ISSEP for Level III)
  • DoD 8500-series and 8510.01 IA policy directives, approaches to cyber security, knowledge of security procedures, IATT and ATO requirements.

What the JD emphasized

  • Must have an active Top Secret/SCI with Full Scope Polygraph at time of application
  • This position requires practical experience in developing and implementing a security baseline and must be able to communicate their significance and relevancy in a clear, detailed manner.