Principal/sr. Principal Systems Security Engineer

Northrop Grumman Northrop Grumman · Aerospace · Rolling Meadows, IL +1 · Systems/Architecture/Test

The role is for a Systems Security Engineer at Northrop Grumman, focusing on Anti-Tamper and Cybersecurity solutions for defense systems. Responsibilities include full lifecycle systems engineering, implementing security techniques, ensuring compliance with US Government policies, conducting analyses, collaborating on export solutions, and supporting security testing and documentation. Requires experience with JSIG, DAAPM, NIST 800-53, and cryptographic protocols. A security clearance is mandatory.

What you'd actually do

  1. Demonstrate full life cycle Systems Engineering development experience in Anti-Tamper and/or Cybersecurity**: encompassing architecture design, trade studies, requirements formulation, detailed design, unit testing, system testing, and validation and verification practices.
  2. Support the development and implementation of hardware and software Anti-Tamper and/or CyberSecurity techniques and countermeasures to protect assets and enhance operational integrity and reliability.
  3. Implement and ensure compliance with US Government policies (e.g., JSIG, DAAPM, NIST 800-53, CNSSI 1253, DODI 5200.39, etc.); e.g., by supporting secure architecting of systems, reviewing processes, tailoring needs controls, and approving generating documented procedures artifacts, and overseeing security testing and analysis.
  4. Conduct thorough analyses to validate existing security requirements and develop additional safeguards as necessary to enhance system security.
  5. Collaborate with the US Government and program teams to negotiate and develop Anti-Tamper / CyberSecurity solutions for international export markets, ensuring the security of compliance with Tri-Service Committee and Red Team requirements for US-deployed and exported military systems.

Skills

Required

  • Systems Engineering
  • Cybersecurity
  • Anti-Tamper
  • Requirements formulation
  • Architecture design
  • Trade studies
  • Unit testing
  • System testing
  • Validation and verification
  • US Government policies (JSIG, DAAPM, NIST 800-53, CNSSI 1253, DODI 5200.39)
  • Reverse engineering techniques
  • Technical Release Analyses
  • Controlled Unclassified Information (CUI) and Critical Program Information (CPI) determinations
  • Technology Release processes
  • Exportability compliance
  • Cryptographic security protocols
  • Security Test and Evaluation (ST&E)
  • Assessment and Authorization (A&A)
  • System Security Plans
  • Plan of Actions and Milestones (POA&M)
  • Strategic planning for security technology development

Nice to have

  • Relocation assistance
  • Travel (10%)

What the JD emphasized

  • Anti-Tamper
  • Cybersecurity
  • US Government policies
  • JSIG
  • DAAPM
  • NIST 800-53
  • CNSSI 1253
  • DODI 5200.39
  • SAP
  • security clearance