Staff Software Engineer - Software Assurance

Northrop Grumman Northrop Grumman · Aerospace · Melbourne, FL +4 · Software

Staff Software Engineer focused on Software Assurance within Northrop Grumman's Aeronautics Systems division. Responsibilities include process improvement, program training, secure software factory updates, and supporting programs with software assurance aspects like Airworthiness, System Safety, Nuclear Surety, and security. Requires experience in software development lifecycle, configuration management, and knowledge of security frameworks like RMF, CWEs, CVEs, and relevant handbooks/manuals. Clearance is required.

What you'd actually do

  1. Support the Software Assurance Technical Discipline Lead in process improvement, program training efforts and everything as code (XaC) updates to the Secure Software Factory
  2. As requested by Chief Engineers, support programs that need help with various software assurance aspects, in collaboration with the SW CoTE. This support includes Airworthiness, Software System Safety, Nuclear Surety and security
  3. Collaborate with other technical disciplines to break down silos and allow for effective communication and cross-training

Skills

Required

  • Bachelor of Science degree in a STEM discipline STEM (Science, Technology, Engineering or Mathematics) discipline and 12 years of related professional/military experience in Software Engineering; a Master of Science degree and 10 years of related professional/military experience in Software Engineering; OR a Ph.D. and 8 years of related professional/military experience in Software Engineering
  • Experience with at least one programming language (Java, JavaScript, C++, C#, Python, Swift) and software development lifecycle
  • Experience with one of the following configuration management systems: GIT, GitLab, GitHub, Bitbucket, Subversion
  • Ability to obtain and maintain a U.S. government Secret clearance
  • Ability to obtain and maintain Special Access Program (SAP) clearance
  • Knowledge of the Risk Management Framework (RMF) – NIST SP 800-53r5
  • Understand Common weakness enumeration (CWEs)
  • Understand Common vulnerability enumeration (CVEs)
  • Familiarity with the Joint Software Systems Safety Engineering Handbook (JSSEH)
  • Familiarity with the AFMAN 91-119
  • Familiarity with DO-178C

Nice to have

  • Basic knowledge of containers and cloud technology (AWS, VMWare, Azure, Kubernetes)
  • Basic knowledge of agile processes (Kanban, Scrum, Scrumban)
  • Basic knowledge of security metrics
  • Basic knowledge of software application security testing, dynamic analysis, software composition analysis, fuzzing, binary analysis

What the JD emphasized

  • Secret clearance
  • SAP clearance
  • Risk Management Framework (RMF) – NIST SP 800-53r5
  • Joint Software Systems Safety Engineering Handbook (JSSEH)
  • AFMAN 91-119
  • DO-178C