Cybersecurity Analyst / Principal Cybersecurity Analyst - 19072

Northrop Grumman Northrop Grumman · Aerospace · Clearfield, UT +1 · Cyber

This role involves performing cybersecurity assessments and vulnerability evaluations of weapon system components and networks to identify deviations from acceptable configurations and policies. It includes establishing risk mitigation processes, supporting certification and accreditation, documenting assessment results, and ensuring compliance with NIST and DoD RMF guidance. The role also requires applying analytical methods to evaluate cybersecurity implementation effectiveness and developing system and policy documentation for certification.

What you'd actually do

  1. Perform assessments of weapon system components and networks to identify where those systems and networks deviate from acceptable configurations, enclave policy, or local policy; this is achieved through passive evaluations such as compliance audits and active evaluations such as vulnerability assessments.
  2. Establish strict program control processes to ensure mitigation of risks and support obtaining certification and accreditation of systems; this includes support of process, analysis, coordination, security certification test, security documentation, as well as investigations, software research, hardware introduction and release, emerging technology research inspections, and periodic audits.
  3. Document the results of Assessment and Authorization activities and technical or coordination activity and prepare the system Security Plans and update the Plan of Actions and Milestones POA&M.
  4. Periodically conduct a complete review of each system's audits and monitor corrective actions until all actions are closed.
  5. Provide analysis, design, development, implementation, and security assessments to ensure compliance with National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, CNSSI 1253, and DoD RMF Knowledge Service guidance.

Skills

Required

  • Bachelor's degree with 5 years of experience, or Master's degree with 3 years of experience, or PhD degree with 1 year of experience
  • US Citizen
  • Ability to obtain and maintain a U.S. Government DoD security clearance (Secret, Top Secret)
  • Current DoDD 8140 ISSM 722-Intermediate Certification or ability to obtain one within 6 months
  • Prioritize and execute tasks in a collaborative team environment within schedules and timelines
  • Experience with NIST Cybersecurity Framework, FedRAMP, PCI DSS, or similar cybersecurity frameworks

Nice to have

  • 2 years of Information Systems Security Officer/Manager experience
  • Current DODD 8140 ISSM 722-Advanced Certification
  • Working knowledge and understanding of auditing, vulnerability scanning/remediation, DISA STIGs, configuration/change control, and implementation of Risk Management Framework
  • Excellent verbal and written communication skills
  • ICBM Experience
  • Current DoD Top Secret security clearance

What the JD emphasized

  • Top Secret
  • DoDD 8140 ISSM 722-Intermediate Certification
  • NIST Cybersecurity Framework
  • FedRAMP
  • PCI DSS