Principal OR Sr Principal Cybersecurity Systems Engineer (CSSE)

RELOCATION ASSISTANCE: Relocation assistance may be available

CLEARANCE TYPE: Secret

TRAVEL: Yes, 25% of the Time

Description

At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work — and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history.

Northrop Grumman Aeronautics Systems has an opening for a Principal Cybersecurity Systems Engineer or Senior Principal Cybersecurity Systems Engineer (CSSE) supporting the Triton program.  A Cybersecurity Systems Engineer (CSSE) assess/evaluates the customers’/stakeholders’ cybersecurity requirements to decompose, derive, and refine with clarity the system’s cybersecurity requirements to drive the built-in cybersecurity protections to the architecture and design. The CSSE also guides/supports the security layout / architecture and influences the security tools selection and development.  The CSSE evaluates/assess the proposed and realized implementation to identify security risks and verify the cybersecurity protections from the design are realized and integrated.  The CSSE guides/supports the development of verification efforts to ensure the cybersecurity protections / capabilities are functional, effective, and complete.  A CSSE supports the definition of security governance, and risk management.

 

As a Principal Cybersecurity Systems Engineer or Senior Principal Cybersecurity Systems Engineer on this team, you will have the following responsibilities:

 

• Perform software vulnerability assessment utilizing static code analysis tools.
• Experience with the RMF process. Generating and maintaining appropriate artifacts for Navy authorization decisions on several related systems.
• Experience performing and assessing system vulnerability scans utilizing tools such ACAS, and automated SCAP tools such as Evaluate STIG and Security Compliance Checker.
• Experience performing manual STIG / SRG verifications on disparate types of equipment including collecting and evaluating findings.
• Familiarity with agile and DevSecOps processes including work control tools such as JIRA ​

• Familiarity with DoD and Navy cybersecurity workforce requirements including certification and training, DoD 8140 and SECNAV M-5239.2.

 

This requisition may be filled as a Principal Cybersecurity Systems Engineer or Senior Principal Cybersecurity Systems Engineer.

 

Basic Qualifications for a Principal Cyber Systems Engineer

 

• Bachelor’s Degree in Systems Engineering, Cybersecurity Engineering, Computer Engineering, Computer Science or another STEM degree with a minimum 5 years of relevant experience; Master’s degree with at least 3 years of relevant experience, or a PhD with 0 years of experience.
• Direct Experience utilizing NIST 800-160 system security engineer and/or the system development life cycle.
• Foundational knowledge and hand-on experience with core systems engineering principles, including:

• Requirements development, allocation, and traceability
• Verification and validation planning and execution
• Engineering Change Process

• Automate security related processes and tools utilizing scripting and resources such as Ansible, Python and PowerShell

• Experience supporting or leading cybersecurity impact assessments during design changes, capability upgrades, and baseline reviews

• Demonstrated experience performing and assessing system vulnerability scans utilizing tools such ACAS, and automated SCAP tools such as Evaluate STIG and Security Compliance Checker.

• A current/active DoD Secret clearance.

• Must have ability to obtain and maintain Program Access (PAR) within a reasonable period of time, as determined by the company to meet its business needs..
• In possession of a current IASAE II certification (CISSP preferred) in accordance with DoD 8140 or able to obtain within six months of hire.

​Basic Qualifications for a Senior Principal Cyber Systems Engineer

 

•Bachelor’s Degree in Systems Engineering, Cybersecurity Engineering, Computer Engineering, Computer Science or another STEM degree with a minimum 5 years of relevant experience; Master’s degree with at least 6 years of relevant experience, or a PhD with 4 years of experience.
• Direct Experience utilizing NIST 800-160 system security engineer and/or the system development life cycle.
• Foundational knowledge and hand-on experience with core systems engineering principles, including:

• Requirements development, allocation, and traceability
• Verification and validation planning and execution
• Engineering Change Process

• Automate security related processes and tools utilizing scripting and resources such as Ansible, Python and PowerShell

• Experience supporting or leading cybersecurity impact assessments during design changes, capability upgrades, and baseline reviews

• Demonstrated experience performing and assessing system vulnerability scans utilizing tools such ACAS, and automated SCAP tools such as Evaluate STIG and Security Compliance Checker.

• A current/active DoD Secret clearance.

• Must have ability to obtain and maintain Program Access (PAR) within a reasonable period of time, as determined by the company to meet its business needs.
• In possession of a current IASAE II certification (CISSP preferred) in accordance with DoD 8140 or able to obtain within six months of hire.

 

Preferred Qualifications

 

• System security architecture experience
• Experience with networking technologies, router and switch configurations, troubleshooting and security / vulnerability assessments

• Familiarity with Systems Security Engineering (SSE) documentation (e.g. Cybersecurity Strategies, Information Support Plans, Program Protection Plans (PPPs)
• DoDI 8140 certification for IASAE III (ISSEP, ISSAP)
• Active TS/SCI clearance

Salary Range: $121,400.00 - $182,000.00Salary Range 2: $151,100.00 - $226,700.00

The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.

Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.

The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.

Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit http://www.northropgrumman.com/EEO. U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.