Cybersecurity Analyst / Principal Cybersecurity Analyst

Northrop Grumman Northrop Grumman · Aerospace · Redondo Beach, CA +1 · Cyber

Northrop Grumman is seeking a Cybersecurity Analyst or Principal Cybersecurity Analyst to support its IT Infrastructure & Operations organization's Classified Solutions team. The role involves conducting system audits, continuous monitoring, performing assessments of systems and networks, recommending security safeguards, assisting in policy implementation, and supporting the Assessment and Authorization (A&A) process under strict program control. Responsibilities include process support, analysis, coordination, security certification testing, documentation, investigations, software/hardware research, emerging-technology research, inspections, and periodic audits. The candidate will also support Security Test and Evaluation (ST&E) and prepare the Risk Management Framework body of evidence. A Top Secret clearance with SCI access is required, along with meeting U.S. Government 8140 requirements for IAM Level I equivalent security certification.

What you'd actually do

  1. Conduct system audits and continuous monitoring activities, covering all security controls, configurations, and operational processes to evaluate the security posture of the information systems.
  2. Perform assessments of systems and networks within the networking environment or enclave and identify where those systems and networks deviate from acceptable configurations, enclave policy, or local policy.
  3. Perform analyses to validate established security requirements and to recommend additional security requirements and safeguards.
  4. Assist in the implementation of the required government policy, make recommendations on process tailoring, and participate in and document process activities.
  5. Work within strict program control processes to ensure mitigation of risks and support the Assessment and Authorization (A&A) of systems. This includes process support, analysis, coordination, security certification testing, security documentation, investigations, software research, hardware introduction and release, emerging‑technology research, inspections, and periodic audits.

Skills

Required

  • Current U.S. Government Top Secret level security clearance
  • SCI access level eligibility
  • U.S. Government 8140 requirements for IAM Level I equivalent (or higher) security certification (Security+ CE or CGRC)
  • Master’s degree in Cybersecurity or related field (or equivalent experience)

Nice to have

  • Ability to obtain and maintain a CI Polygraph
  • Experience in cybersecurity compliance (ex., Assessment & Authorization under RMF)
  • Knowledge of security tools such as ACAS, Nessus, Splunk, Trellix, and SCAP
  • Knowledge of security frameworks and documentation such as NIST, SSPs, POA&Ms, and SCTMs

What the JD emphasized

  • SCI
  • Top Secret
  • SCI access level eligibility
  • U.S. Government 8140 requirements for IAM Level I equivalent (or higher) security certification
  • Assessment & Authorization under RMF
  • NIST
  • SSPs
  • POA&Ms
  • SCTMs