Sentinel - Lead Systems Security Engineer – Cots Vulnerability Assessment

Northrop Grumman Northrop Grumman · Aerospace · Roy, UT +1 · Systems/Architecture/Test

Lead Systems Security Engineer responsible for researching, testing, and documenting the cybersecurity posture of commercial off-the-shelf hardware and software products, including performing vulnerability assessments and developing lab procedures.

What you'd actually do

  1. Perform vulnerability assessments against COTs hardware / software
  2. Develop, lead, and provide oversight for lab procedures
  3. Review, Interpret, and Communicate vulnerability assessment results
  4. Participate in a variety of working groups, customer meetings
  5. Contributes to the ongoing enhancement of assessment capabilities through the development and implementation of improved methodology, processes, infrastructure, tools, and deliverables

Skills

Required

  • STEM degree
  • systems security engineering
  • cyber risk management
  • vulnerability assessment
  • penetration testing
  • supply chain risk management
  • counterfeit part assurance
  • DoD cybersecurity policies
  • NIST RMF
  • CMMC

Nice to have

  • OSCP
  • GREM
  • PenTest+
  • CSSLP
  • Real Time Operating Systems (VxWorks, GreenHills Integrity, LynxOS, FreeRTOS, etc.)
  • software configurations (STIG, OpenSCAP, SCAP SC)
  • policy as code pipelines (GitLab CI, Jenkins, Azure DevOps)
  • SCRM chain of custody processes
  • provenance assessments for COTS components
  • MBSE concepts and tools (SysML, Cameo, Enterprise Architect, IBM?DOORS)

What the JD emphasized

  • active DoD Top Secret
  • DoD cybersecurity policies
  • NIST RMF
  • CMMC