RELOCATION ASSISTANCE: No relocation assistance available
CLEARANCE REQUIRED FOR START: Yes
CLEARANCE TYPE: Top Secret
TRAVEL: No
Description
At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work — and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history.
Northrop Grumman Space Systems—Missile Defense Integration offers an excellent opportunity for a Principal Cyber Systems Engineer – Cyber A&A Engineer (26-205) to join our team of talented and diverse professionals. Located at Schriever Space Force Base, CO, this role is essential for supporting the U.S. President, the Secretary of Defense, and combatant commanders at the strategic, regional, and operational levels.
This position does not provide relocation assistance and requires on-site work with no remote options.
Position Overview:
The Command, Control, Battle Management, and Communications (C2BMC) program is a vital part of the Missile Defense System. It acts as an essential operational tool that allows the U.S. president, the secretary of defense, and combatant commanders at the strategic, regional, and operational levels to plan ballistic missile defenses systematically, monitor the battle collectively, and dynamically control networked sensors and weapons systems to meet global and regional mission goals. C2BMC supports layered missile defense systems that deliver an optimized response to threats across all ranges and flight phases. It functions as a force multiplier by connecting, integrating, and synchronizing autonomous sensors, weapon systems, and operations at both global and regional levels to improve performance. C2BMC is crucial for all grounds and flight tests that verify and demonstrate the current and future capabilities of missile defense systems.
Essential Functions:
Process and track DD Form 2875 user account forms and required training for privileged and non-privileged accounts, perform annual account validation, and work with the system administrator on the creation, modification, and removal of accounts
Conduct an assessment of systems and networks within a virtual environment to identify deviations from acceptable configurations, enclave policies, or local policies. This involves passive evaluations like compliance audits with STIG Viewer and SCAP, as well as active evaluations, including vulnerability assessments with ACAS
Perform Security Technical Implementation Guide (STIG) assessments and hardening for Windows, Red Hat Enterprise Linux (RHEL) systems, and networking equipment using ConfigOS
Develop test plans that reflect how STIG checks are implemented and that show the expected outcomes of those checks
Update Risk Management Framework (RMF) artifact documentation to ensure that non-compliant system hardening is tracked and remediated
Establish strict program control processes to ensure risk mitigation and support the assessment and authorization of systems
Includes support for process, analysis, coordination, control certification testing, compliance documentation, as well as investigations, software research, hardware introduction and release, emerging technology research, inspections, and periodic audits
Assist in implementing the required government policy (e.g., NISPOM, NIST, DoD), make recommendations on process tailoring, and participate in and document process activities
Perform analyses to validate established cybersecurity controls and requirements and to recommend cybersecurity safeguards
Support program test milestones through pre-test preparations, participating in the tests, analysis of the results, and preparation of required artifacts supporting authorization
Prepare artifacts such as Test Results (TR), Authorization Boundary Diagrams (ABD), Network Topologies, Flow Diagrams, Hardware and Software Listings, Ports, Protocols, Services Management documentation to support Assessment and Authorization activities, and maintain the Plan of Actions and Milestones (POA&M)
Periodically conduct a comprehensive review of each program's support and operational system audits and monitor corrective actions until all actions are closed
Coordinate across the program to address identified deficiencies in RMF assessment activities
Basic Qualifications:
Please list your current security clearance and IAT or relevant certifications on your resume, if applicable.
A Bachelor’s Degree in a related field from an accredited university, along with 8 years of experience; or a Master’s degree in a related field with 6 years of relevant work experience; or 12 years of relevant work experience may be considered in lieu of a degree
Applicants must have a current, active DoD 8140 certification at IAT Level II / IAM Level I or higher (such as Security+ CE, CCNA-Security, CySA+, CND, CGRC, CASP, CISM, CISSP for Associate, CCISO, etc.) at the time of application, which is required to start. The candidate is responsible for maintaining their DoD 8140 certification throughout the entire contract period
Applicants must have a current, active in-scope DoD-issued Top Secret security clearance at the time of application, which is required to start
Security engineering skills with a working knowledge of cybersecurity technology and DoD/Federal cybersecurity policy (i.e., DoDI 8500.01, NIST SP 800-53, etc.)
Understanding and utilization of Enterprise Mission Assurance Support Service (eMASS)
Understanding of the Risk Management Framework (RMF) Cybersecurity Lifecycle to include:
Identifying controls and overlays, generating testable requirements, identifying resilient architecture design, configuring, running, and scripting audit tools, analyzing vulnerabilities, and conducting verification testing for compliance assessment
Knowledge of Software Assurance (SwA) static and dynamic code analysis (e.g., Fortify/SonarQube)
Preferred Qualifications
Windows and Red Hat Enterprise Linux (RHEL) system administration skills
Previous background working in a virtual environment
Previous background working with Docker and containers
Administer ACAS and ESS (formally HBSS)
Previous experience with ConfigOS
What We Can Offer You:
Northrop Grumman offers a comprehensive benefits package and a work environment that promotes your growth, supporting both employees and the company's success. The benefits at Northrop Grumman are flexible and customizable, allowing you to select options that best meet your needs and those of your family. Your benefits will include the following:
Health Plan
Savings Plan
Paid Time Off
Education Assistance
Training and Development
https://benefits.northropgrumman.com/us/en2/BenefitsOverview/Pages/default.aspx
#NGSpace
#COSpace
#NGFeaturedJobs
#C2BMC
Primary Level Salary Range: $142,200.00 - $213,200.00
The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.
Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.
The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.
Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit http://www.northropgrumman.com/EEO. U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.