Principal Classified Cybersecurity Analyst - Secret

Northrop Grumman Northrop Grumman · Aerospace · Melbourne, FL +1 · Cyber

Northrop Grumman is seeking a Principal Classified Cybersecurity Analyst to support information systems lifecycle activities. Responsibilities include conducting system audits, continuous monitoring, performing assessments, validating security requirements, assisting in policy implementation, establishing program control processes for risk mitigation and Assessment and Authorization (A&A), supporting Security Test and Evaluation (ST&E), and documenting A&A activities and Risk Management Framework (RMF) body of evidence. Requires a Secret clearance and Security+ certification.

What you'd actually do

  1. Conduct system audits and continuous monitoring activities, covering all security controls, configurations, and operational processes to evaluate the security posture of the information systems.
  2. Perform assessments of systems and networks within the networking environment or enclave and identify where those systems and networks deviate from acceptable configurations, enclave policy, or local policy.
  3. Perform analyses to validate established security requirements and to recommend additional security requirements and safeguards.
  4. Assist in the implementation of the required government policy, make recommendations on process tailoring, participate in and document process activities.
  5. Establish strict program control processes to ensure mitigation of risks and support the Assessment and Authorization (A&A) of systems. This includes process support, analysis, coordination, security certification testing, security documentation, investigations, software research, hardware introduction and release, emerging technology research, inspections, and periodic audits.

Skills

Required

  • Security+ certification
  • DOD Secret level security clearance
  • Ability to obtain DOD Top Secret level security clearance
  • Ability to obtain access to Special Programs

Nice to have

  • Cyber Security degree
  • Active, Top Secret/SCI, SAP/SAR access, or Polygraph
  • CAP, CASP+, SecurityX, CISM, or CISSP certification
  • 4 years of experience with Certification and Accreditation of classified systems and Risk Management Framework
  • ACAS, NESSUS, SPLUNK, SCAP, POA&Ms, NIST, DIACAP, NISPOM, system audits, vulnerability scanning, and RMF package development

What the JD emphasized

  • Secret clearance
  • Security+
  • classified systems
  • Risk Management Framework