Cyber Systems Engineer -level 4 (26-310)

Northrop Grumman Northrop Grumman · Aerospace · Colorado Springs, CO +1 · Cyber

Northrop Grumman is seeking a Sr. Principal Cyber Systems Engineer, specifically a Cybersecurity Patch Product Owner, to support the C2BMC program. This role involves managing patching oversight, technical documentation, vulnerability assessments, risk analysis, and fulfilling Product Owner duties for the Cyber and Platforms Agile Release Train. The position requires a Secret security clearance, IAT Level II or higher certification, and experience with cybersecurity concepts, RMF, NIST standards, and DoDI 8500.2/SP 800-53.

What you'd actually do

  1. Handling patching oversight, managing technical documentation, tracking status and metrics, conducting vulnerability assessments, responding to engineering issues for system POA&Ms, performing risk analysis for Risk Acceptance Requests (RARs), and providing Cyber support for the C2BMC program and customer meetings
  2. Effectively communicate and collaborate with Agile Leadership and Program Management to coordinate patching and other cyber mitigation activities throughout the RMF Authorization lifecycle.
  3. Fulfilling Product Owner duties for the Cyber and Platforms (CAP) Agile Release Train (ART).
  4. Collaboration across the Cyber Development, Cyber Engineering, and Cyber Ops teams.

Skills

Required

  • Bachelor’s Degree in Computer Science, Computer Engineering, Cybersecurity, Information Systems, Information Technology, Software Engineering, Mathematics, Physics, or a related field
  • 8 years of experience with a Bachelor's degree, or 6 years with a Master's degree, or 12 years of relevant work experience
  • current, active DoD 8140 certification at IAT Level II or higher (e.g., Security+ CE, CCNA-Security, CySA+, CND)
  • current, active in-scope DoD-issued Secret security clearance
  • strong working knowledge of cybersecurity concepts, including patch management, multi-factor authentication, endpoint security, intrusion detection, security event management, and defense-in-depth
  • experience in requirements generation, architecture design, audit tools, and compliance activities for mission systems
  • excellent interpersonal skills, demonstrated ability to support complex organizational relationships
  • technical document preparation and verbal communication skills
  • security engineering skills
  • working knowledge of cybersecurity technologies, NIST standards, DoDI 8500.2, and SP 800-53
  • experience in the Cybersecurity Lifecycle, including generating requirements, creating architecture designs, configuring audit tools, conducting verification, and performing compliance activities

Nice to have

  • Experience hardening Windows and Linux servers and workstations in accordance with GPOs, IAVMs, and STIGs

What the JD emphasized

  • current, active DoD 8140 certification at IAT Level II or higher
  • current, active in-scope DoD-issued Secret security clearance
  • working knowledge of cybersecurity technologies, NIST standards, DoDI 8500.2
  • SP 800-53