Apply on Employer Site

Northrop Grumman · 1 day ago

Cyber Systems Engineer - Level 2 - R10217650

Huntsville, AL

Full-time

Onsite

Entry, Mid Level

$96K/yr - $144K/yr

2+ years exp

Northrop Grumman is a leading aerospace and defense technology company, and they are seeking a Cyber Systems Engineer – Level 2 to join their team in Huntsville, AL. The role involves supporting the Ground Weapons System program with a focus on cybersecurity compliance and system security requirements throughout the development lifecycle.

AerospaceData IntegrationManufacturingRemote SensingSecurity

Growth Opportunities

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Manage Configuration Control Board (CCB) meetings to include management of Information System with emphasis on Change Management for proposed software/hardware changes, focusing on potential security impacts, risks, and compliance requirements IAW with NIST SP 800-53

Serve as a subject matter expert on RMF, software assurance, security impact analysis, and security controls by offering recommendations and guidance to the board and stakeholders

Review and Assess system security requirements and associated verification methods per RMF standards

Identify and/or assess vulnerabilities and susceptibility to life cycle disruptions, hazards, and threats

Provide security considerations to inform software engineering efforts with the objective of reducing errors, flaws, and weaknesses that may constitute security vulnerability leading to unacceptable asset loss and consequences

Identify, quantify, and evaluate the costs/benefits of security functions and considerations to inform analysis of alternatives, implementation trade-offs, and risk treatment decisions

Design, plan, implement, and perform assessment of security controls, polices, and processes compliance with National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, CNSSI 1253, and DoD RMF Knowledge Service guidance

Participate in team reviews of technical requirements, design and implementation plans prior to deployment

Assist with ensuring the product requirements integrate into the total systems solutions that acknowledge technical, schedule, and cost constraints

Qualification

Cybersecurity expertiseRisk Management FrameworkDoD 8140/8570 certificationAgile methodologiesITIL frameworkWindows/Linux operating systemsLearning new technologiesCommunication skillsCritical thinkingTeam collaborationProblem-solving

Required

Bachelor's Degree in a STEM (Science, Technology, Engineering or Mathematics) discipline from an accredited university and 2 years of cyber systems engineering experience, or a Master's Degree in a STEM field with 0-2 years of cyber systems engineering experience

Ability and willingness to travel up to 10% of the time to support business needs

Applicants must have a current active in-scope U.S. Government DoD issued Secret security clearance at the time of application which is required to start

Must currently possess DoD 8140/8570 certification (e.g. Security+ CE)

Experience with Agile software development methodologies

Experience with ITIL framework, with hands on experience designing, implementing, and managing IT service management processes (Incident, Problem, Change, Release, Service Request, and Continual Service Improvement)

Experience with Risk Management Framework IAW with NIST SP 800-53

Experience in developing and implementing a security baseline and must be able to communicate their significance and relevancy in a clear, detailed manner

Applicants must possess excellent written and verbal communication skills

Applicants must demonstrate ability to think critically and capture concepts in work products, presentations, and discussions

Capable of working both independently and within a team environment

Experience with Windows/Linux operating systems and Virtual Machines (VMs)

Understanding of the software development lifecycle and agile development methodology

Preferred

Experience working on the Ground-based Midcourse Defense (GMD) Weapon System (GWS) program

Experience with the implementation of Public Key Infrastructure (PKI) solutions and compliance

Familiarity with Java, C++, or Python

Experience with Information Technology Service Management (ITSM) Solution such as ServiceNow, ServiceDesk Plus, or Jira Service Manager

Experience with Atlassian tool suite and DevSecOps (Jira, BitBucket, Confluence, Artifactory, Jenkins)

Experience using software test automation tools/frameworks (e.g. Eggplant)

Experience working with Systems Engineering disciplines

Experience with using modern code editors (e.g. Visual Studio Code)

The ability to learn new technologies quickly and independently solve problems in a fast-paced environment

Experience working with Nessus Vulnerability Scanner and Synopsis Blackduck Binary Analyzer

Experience working with static and dynamic code analysis

Experience with Cyber Resiliency, Software Assurance, Attack Surface Analysis, Threat Assessment, Operations Security Plans, Defensive Cyberspace Operations, IT/Cybersecurity Strategies, Enterprise Architecture frameworks (e.g. DoDAF), and related documentation IAW DoDI 8500.01, DoDI 8510.01, and NIST SP 800-53

Certification at or exceeding IASAE level 1 (CISSP or CASP minimum and CISSP-ISSEP for Level III)