Sentinel - Systems Engineer (scrm Vulnerability Assessment Engineer) - 17381

Northrop Grumman Northrop Grumman · Aerospace · Roy, UT +1 · Systems/Architecture/Test

This role involves performing vulnerability assessments on commercial off-the-shelf hardware and software products for the Sentinel Program. Responsibilities include researching, testing, documenting cybersecurity posture, reviewing and communicating assessment results, and contributing to the enhancement of assessment capabilities through improved methodology and tools. A Secret security clearance is required.

What you'd actually do

  1. Perform vulnerability assessments against COTs hardware / software
  2. Review, Interpret, and Communicate vulnerability assessment results
  3. Participate in a variety of working groups, customer meetings
  4. Contributes to the ongoing enhancement of assessment capabilities through the development and implementation of improved methodology, processes, infrastructure, tools, and deliverables

Skills

Required

  • BS in Software Engineering, Computer Science, Digital Forensics, Computer Engineering, or Electrical Engineering with 2 years of related experience, or a Master’s degree with 0 years of related experience
  • Active U.S. Government DoD Secret security clearance
  • Ability to obtain Special Access Program (SAP) approval
  • Ability to obtain CompTIA Security+ certification within 6 months
  • Familiarity with developing, documenting, and executing formal test plans and procedures, with a specific focus on vulnerability/penetration testing and counterfeit part assurance.

Nice to have

  • Top Secret Security Clearance
  • OSCP, GREM, PenTest+ or comparable industry-recognized certifications
  • Experience utilizing penetration testing and vulnerability assessment tools (Kali Linux / Metasploit / NESSUS / ACAS / OpenVAS / Etc.)
  • Experience validating software configurations (STIG / OpenSCAP)
  • Experience with software forensics activities / processes
  • Experience with SCRM chain of custody processes / procedures
  • Experience in software or hardware reverse engineering and exploratory reconnaissance

What the JD emphasized

  • Must be a US Citizen with an active U.S. Government DoD Secret security clearance at time of application with an investigation completed within the last 6 years
  • Ability to obtain CompTIA Security+ certification within 6 months of starting in the position.
  • Familiarity of developing, documenting, and executing formal test plans and procedures, with a specific focus on vulnerability/penetration testing and counterfeit part assurance.