Colorado Springs, Colorado, USA
20 days ago
Principal Cyber Systems Engineer/Senior Principal Cyber Systems Engineer
RELOCATION ASSISTANCE: Relocation assistance may be available

CLEARANCE TYPE: Secret

TRAVEL: Yes, 10% of the Time

Description

At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work — and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history.

Overview

As a cyber systems engineer for the JTAGS program, you will play a pivotal role in building and sustaining the robust cybersecurity posture of the program’s classified systems and networks used for development, integration, test, training, and operations. This is a mid- to senior-level role and an integrated program team (IPT) leadership position, and it includes a balance of program-facing leadership duties (e.g., meetings, work product reviews, program status, schedule management, etc.) and hands-on technical work with your team. This position is an individual contributor position, not a functional management position with direct reports.

You will be responsible for leading a team of cyber engineers and analysts to on-schedule, on-budget completion of all efforts to achieve quality outcomes for the program and its stakeholders. These activities include but are not limited to:

Participating in cross-functional team coordination meetings, including weekly program flow down, program management status, and daily technical scrum meetingsCollaborating with other IPT leads and interfacing with program leadership to ensure the program satisfies all cybersecurity requirementsLeading development and maintenance of cybersecurity team standard operating procedures (SOPs) and other documentation as needed to ensure reliable, repeatable task executionBalancing a variety of duties ranging from micro-level tasks to macro-level projectsDelegating responsibilities and assignments to team members while maintaining accountability and appropriate oversightEvaluating and onboarding new members to the cybersecurity team to support the needs of the programManaging and delivering the system POA&MPerforming vulnerability assessments and compliance audits of systems and networksPerforming quarterly IA/cybersecurity patching and development of patch listsSelecting DISA STIGs and hardening systemsSustaining the system’s Trellix endpoint security solutions productsDeveloping and verifying system, sub-system, and component level requirements derived from the SP800-53 security and privacy controls with the appropriate overlaysSupporting development, verification, and validation of system design changes while maintaining or improving cybersecurity complianceLeading execution of a security impact assessment prior to any system modification, such as software patching, OS upgrade, new hardware, etc.Serving as the key stakeholder in maintaining an ongoing Authority to Operate (ATO) accreditation for all test and operational systemsWorking closely with other technical IPTs to develop and maintain robust, complete, and accurate documentation of the system baseline, to include drawings, diagrams, parts lists, software lists, etc.Working closely with other technical IPTs to verify system design changes, ranging from minor system fixes to large-scale system capability changesIdentifying, assessing, and handling risks and opportunities that impact program schedule, budget, and/or technical performanceParticipating in future proposal work, including basis of estimate and statement of work development for cybersecurity activitiesDeveloping and maintaining a close working relationship with our US Space Force customerStaying up-to-date on the latest cybersecurity news, trends, threats, and developments across the defense industryIdentifying and evaluating new processes, tools, capabilities, and/or resources that can be utilized to improve system cybersecurity compliance and/or program execution of the RMF

If you have a passion for cybersecurity and supporting the critical mission of our warfighters, this position is for you!

This role is full-time and in-person at the COCO-01 Northrop Grumman facility in a classified closed area environment. Duties will require occasional support at Ft. Carson in Colorado Springs, CO (about 15-20 mins drive from the NG facility).

Travel is not anticipated for this role, but openness to potential future short-term CONUS and OCONUS travel assignments is preferred. Note: a non-expired passport is preferred but not required.

Basic Qualifications

For a Principal Cyber Systems Engineer: 5 years relevant cybersecurity experience with Bachelors degree in cybersecurity or related STEM field, or 3 years relevant experience with Masters degree in cybersecurity or related STEM field; 4 years of additional experience may be considered in lieu of degree.For a Sr. Principal Cyber Systems Engineer: 9 years relevant cybersecurity experience with Bachelors degree in cybersecurity or related STEM field, or 7 years relevant experience with Masters degree in cybersecurity or related STEM field; 4 years of additional experience may be considered in lieu of degree.Active IAT Level II (CompTIA Security+) certificationActive Secret security clearanceExcellent written and verbal communication skills with subordinates, peers, and leadersStrong organizational and time management skillsIntermediate proficiency in RHEL OS command line and/or Windows PowerShellApplies intermediate to advanced technical expertise and skillset to independently lead a team in cybersecurity projects and tasks IAW required DoD security and cybersecurity instructions, policies, frameworks, etc., including:Identifying, assessing, and handling risks and opportunities that impact program schedule, budget, and/or technical performanceDeveloping and maintaining POA&M(s)Scanning, reporting, remediating and/or mitigating cybersecurity vulnerabilities discovered through use of audit reduction tools and/or the DISA Automated Security Compliance Assessment Solution (ACAS) tool (Tenable Security Center and Tenable NESSUS Scanner)Performing STIG compliance scans using Xylok or other STIG scanning toolsIdentifying & applying DISA STIGs/hardening systemsPerforming routine system and network patchingPossesses intermediate to advanced understanding and experience with NIST SP 800-37 RMF for DoD Systems, includingCan navigate a team to success IAW NIST/DoD RMF processesHas intermediate to advanced knowledge of SP 800-53 security and privacy controls, as well as selecting and applying the appropriate overlaysHas proven ability to evaluate system and network configurations for compliance with Defense Information Systems Agency (DISA) Secure Technical Implementation Guides (STIG), NIST 800-53 Security Controls and ISO/IEC 15408 Common Criteria to formulate and implement effective, high quality RMF accreditation packages

Preferred Qualifications

For a Principal Cyber Systems Engineer: intermediate to advanced knowledge of security risks & strategies, SIEM, antivirus, proxies, firewalls, and intrusion detection concepts, tools, and processesFor a Senior Principal Cyber Systems Engineer: advanced knowledge of security risks & strategies, SIEM, antivirus, proxies, firewalls, and intrusion detection concepts, tools, and processesExperience in team leadership or management of individual contributorsExperience with gaining and/or maintaining ATO accreditation and working with the SCAExperience developing Ports, Protocols, and Services Matrix (PPSM) IAW DoD Instruction 8551.01Experience developing and managing a schedule for cybersecurity activities, including cross-functional collaboration on interdisciplinary projects and program milestonesExperience implementing DevSecOps practices and principles for release managementExperience and working knowledge of control account management (CAM)Experience or skillset with Microsoft Project for schedulingExperience with satellite communications ground system(s) and/or missile warning system(s)Experience supporting US Space Force development or sustainment program(s) as a defense contractorWorking knowledge and/or experience with JIRA for task assignment, status tracking, and executionBeginner skillset and/or familiarity with Trellix Endpoint Security Solutions (ESS)Experience with Hyper-V and/or VMwarePossesses experience and understanding of Patch Management including tools such as Windows Server Update Services (WSUS) and Red Hat Satellite ServerPossesses working knowledge and experience with SplunkHas experience with configuration of Splunk Forwarders, Splunk Indexes, and Splunk EnterpriseHas experience with development of Splunk Enterprise dashboards to aid in audit log analysis

Salary Range: $107,300.00 - $160,900.00Salary Range 2: $133,000.00 - $199,600.00

The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.

Employees may be eligible for a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.

The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.

Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit http://www.northropgrumman.com/EEO. U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.
Confirm your E-mail: Send Email