Staff Cyber Systems Engineer
UTRO03, United States
Full Time Senior-level / Expert Clearance required USD 162K - 243K
Northrop Grumman
Northrop Grumman solves the toughest problems in space, aeronautics, defense and cyberspace to meet the ever evolving needs of our customers worldwide. Our 95,000 employees define possible every day using science, technology and engineering to...Description
At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work — and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history.Northrop Grumman Mission Systems is a trusted provider of mission-enabling solutions for global security. Our Engineering and Sciences (E&S) organization pushes the boundaries of innovation, redefines engineering capabilities, and drives advances in various sciences. Our team is chartered with providing the skills and innovative technologies to develop, design, produce and sustain optimized product lines across the sector while providing a decisive advantage to the warfighter. Come be a part of our mission!
Northrop Grumman Mission Systems Mission Defense Cyber Team has an opening for a Cybersecurity Systems Engineer (CSSE) supporting the Sentinel program based out of Roy, UT. Other operating locations include Annapolis Junction, MD, San Antonio, TX, Redondo Beach, CA, Huntsville, AL, San Diego, CA, and Colorado Springs, CO.
A Cybersecurity Systems Engineer (CSSE) ensures cyber survivability attributes are implemented in system designs as it assesses/evaluates the customers’/stakeholders’ cybersecurity requirements to decompose, derive, and refine the system’s cybersecurity requirements at all levels to drive the built-in cybersecurity protections to the architecture and design. The CSSE also guides/supports the security layout / architecture and influences the security tools selection and development. The CSSE evaluates/assesses the proposed and realized implementations to identify security risks, attack surface, and verify the cybersecurity protections from the design are realized and integrated. The CSSE guides/supports the development of verification efforts to ensure the cybersecurity protections / capabilities are functional, effective, and complete. A CSSE supports the definition of security governance, and risk management.
As a Cyber Systems Engineer on this team, you will have the following responsibilities:
Author and review requirement decomposition, derivation, and flow down
Implement and review traceability of requirements throughout a spec tree architecture
Support the architecture and design of baked in cybersecurity requirements and protections
Document and review traceability of requirements to the design & its models
Implement and review the application of cybersecurity profile stereotypes to a Model Based System Engineering (MBSE) Architecture
Provide cybersecurity system engineering implementation guidance and oversight to technical teams/implementers
Review and Assess stakeholder security objectives, protection needs and concerns, security requirements, and associated verification/validation methods
Implement, review and assess cybersecurity system requirements verification/validation methods
Identify and/or assess vulnerabilities and susceptibility to life cycle disruptions, hazards, and threats
Provide security considerations to inform systems engineering efforts with the objective to reduce errors, flaws, and weakness that may constitute security vulnerability leading to unacceptable asset loss and consequences
Identify, quantify, and evaluate the costs/benefits of security functions and considerations to inform analysis of alternatives, engineering trade-offs, and risk treatment decisions
Author, support and maintain cybersecurity program documentation & RMF package documentation: Cybersecurity Strategies, System Security Plans, Continuous Monitoring Plans, Risk Assessment Report, Security Control Traceability Matrix, Plan Of Actions & Milestones, etc.
Basic Qualifications for a Staff Cyber Systems Engineer:
Bachelor’s degree in Systems Engineering, Cybersecurity Engineering, Computer Engineering, Computer Science, or related STEM discipline with 12 years of related cyber systems engineering experience; Master’s degree in Systems Engineering, Cybersecurity Engineering, Computer Engineering, Computer Science, or related STEM discipline with 10 years of related cyber systems engineering experience; PhD in Systems Engineering, Cybersecurity Engineering, Computer Engineering, Computer Science, or related STEM discipline with 8 year of related cyber systems engineering experience; will consider 16 years of applied cyber systems engineering experience in lieu of degree.
Direct Experience utilizing NIST 800-160 system security engineer and the system development life cycle.
Processing SOW, requirements, architecture, design, implementation, integration, verification & validation, field test, etc.
Direct experience developing RMF assessment and authorization documentation
U.S. Citizenship required
A current/active DoD Secret clearance.
The ability to obtain and maintain a DoD Top Secret clearance is required.
The ability to obtain and maintain Special Access (SAP) to the program.
Possession of a current IASAE II certification (CISSP preferred) in accordance with DoDI 8140 or able to obtain within six months of hire.
Preferred Qualifications for a Staff Cyber Systems Engineer:
System security architecture experience
Experience working with DOORS and CAMEO
Security related tool suite in DevSecOps pipeline (SonarQube, Fortify etc)
Familiarity with Systems Security Engineering (SSE) documentation (e.g. Cybersecurity Strategies, Information Support Plans, Program Protection Plans (PPPs)
Familiarity with Anti-Tamper Plans, Counterintelligence Support Plans, Integrated Threat Assessment Reports, Operations Security Plans, Continuous Monitoring Plans, Defensive Cyberspace Operations Plans, Cybersecurity Strategies, Information Support Plans, Enterprise Architecture Views and NIST SP 800-160
DoD 8570 certification for IASAE III (ISSEP, ISSAP)
Experience with Agile methodologies
Active TS/SCI clearance
Tags: Agile CISSP Clearance Computer Science DevSecOps DoD DoDD 8140 DoDD 8570 Governance Monitoring NIST PhD Risk assessment Risk Assessment Report Risk management RMF SAP Sentinel SonarQube STEM System Security Plan Top Secret Top Secret Clearance TS/SCI Vulnerabilities
Perks/benefits: Career development Health care Insurance Relocation support Salary bonus Transparency
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.