Assoc/Cyber Security Engineer (TS) Space Systems (Dulles)

RELOCATION ASSISTANCE: No relocation assistance available

CLEARANCE TYPE: Top Secret

TRAVEL: Yes, 10% of the Time

Description

At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work — and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history.

This early career Cyber/Systems Security Engineering position performs System Security Engineering (SSE) tasks on Space Programs, with responsibilities across all system segments - Space Segment, Communications Segment, Ground Segment, and in some cases User Segment.  This position requires Top Secret clearance and a cybersecurity certification. 

Duties of the position are working as part of an integrated product team (IPT) to support the following activities:

• Initial tasking will be focused on internal development, test labs, and other off-network enclaves.  These enclaves are maintained in conformance with NIST 800-171 and CMMC security control standards.  Applicants must demonstrate the aptitude to secure very complex systems with conflicting design requirements.
• The major segments of Space Systems include satellite systems, communications links, and ground command & control (C2) systems.
• Design, engineer, implement, test, and deliver space solutions that satisfy cybersecurity criteria including NIST 800-37 Risk Management Framework (RMF) and its associated controls catalog NIST 800-53.  Alternatively, the governance schema may be community specific variations such as ICD-503 or JSIG.
• Design and evaluate system design robustness against additional criteria to demonstrate CyberResilience and/or CyberSurvivability.
• Allocating system-level requirements (commonly expressed as security controls), which includes working as part of the systems engineering team to decompose system-level security requirements across relevant Segments, Subsystems and down to specific Components.
• This allocation process includes requirements associated with secure program protection requirements across Systems Security Engineering specialty areas, or the following disciplines:  Software Security Assurance, TEMPEST, RED/BLACK Separation, COMSEC, TRANSEC, Key Management, Anti-Tamper, and cryptographic component integration/development.  (There is limited exposure to these techniques in our internal, unclassified engineering labs.)
• Performing Attack Surface Analysis (ASA) and preparing Systems Security Plan (SSP) documentation for enclaves/environments that support development, integration & test of complex space systems, including Risk Assessment Reports (RAR), Security Control Traceability Matrices (SCTM), and Security Assessment Plans/Reports.  Technical writing skills and attention to detail are essential skills.
• Contributing to systems development activities, specifically hardening systems to meet secure baseline requirements, such as DISA STIGs or CIS Benchmarks, for Commercial, Off-The-Shelf (COTS) technologies.  And/or supporting, cognizant engineers in the hardening of custom-built hardware/software.
• Contributing to the secure development of custom hardware and software through the establishment and promulgation of secure coding best practices, performing static and dynamic analysis, fuzz testing, code reviews, and analytical methods. 
• Preparing and Executing assessment procedures to verify conformance with Commercial, Federal Civilian agency, Department of Defense (DoD), Intelligence Community, IA/Cyber security controls, and or survivability requirements, as required based on the specified customer/system requirements and risk threshold.
• Performing systems engineering, integration, and test activities for security-critical components, such as firewalls, anti-virus, HIDS/NIDS/HIPS, Cross Domain Solutions, cryptographic devices, and controlled interfaces.
• Conducting secure system maintenance activities as a privileged user, specifically but not limited to performing, routine audit log reviews, scanning for vulnerabilities, and confirming patches applied to COTS software.
• There are very limited opportunities for penetration testing and this position should not be considered a career path for that focus area.

This position can be filled as a level 1 or 2.

Basic Qualifications:

Associate Engineer

• Bachelor’s Degree in any STEM discipline, experience can be considered in lieu of degree
• IT security experience, in any federally regulated industry performing:
  • Implementing the Risk Management Framework (RMF) NIST 800-37 with NIST 800-53 controls, or NIST 800-171 for unclassified, corporate environments
  • Securing complex systems composed of COTS HW/SW
• Any DoD 8570 IT Security certification, such as Security+
• US Citizenship with an active Top Secret Clearance at time of application

Engineer

• Bachelor’s Degree in any STEM discipline with 5 years of experience (Or Masters with 3 years, or a PhD) Experience can be considered in lieu of degree
• 2 years IT security experience, in any federally regulated industry performing:
  • Implementing the Risk Management Framework (RMF) NIST 800-37 with NIST 800-53 controls, or NIST 800-171 for unclassified, corporate environments
  • Securing complex systems composed of COTS HW/SW
• Any DoD 8570 IT Security certification, such as Security+
• US Citizenship with an active Top Secret Clearance at time of application

Preferred Qualifications:

• Bachelors Degree in Electrical Engineering, Computer Science, or Aerospace Engineering
• 2 years Cyber Systems Engineering experience in the Defense Aerospace Industry performing:
  • Security requirements analysis and decomposition
  • Hardening systems composed of both COTS and Custom HW/SW
  • Exposure to national security requirements for classified systems.
• Associate CISSP Certification
• Demonstrated knowledge of Systems Engineering processes, applying security to embedded systems, engineering review milestones and SDLC.
• The Northrop Grumman Tactical Space Division is a strategic partner specializing in commercial and classified partnerships with the design, delivery, operation and sustainment of satellites and human spacecraft.  We support science and space exploration through our various partnerships, including NASA’s Artemis program with the goal to return humans to the Moon in 2024 and the TESS (Transiting Exoplanet Survey Satellite) program that has discovered more than twenty confirmed plants.  Recognized as an industry leader, we also develop highly specialized space and satellite components.

Northrop Grumman offers a competitive and robust benefits program.

As a full-time employee of Northrop Grumman, you are eligible for our robust benefits package including:

Medical

Dental & Vision coverage

401k

Educational Assistance

Life Insurance

Employee Assistance Programs & Work/Life Solutions

Paid Time Off

Health & Wellness Resources

Employee Discounts

Flexible Schedules (For example the ability to work a 9/80 work schedule, which allows an employee to work a nine-hour day Monday through Thursday and take every other Friday off of work)

For more details please visit our total rewards site or chat with one of our recruiters to learn more.

Link: www.northropgrumman.com/benefits

Tags

NGFeaturedJobs

Space System

NoVASpace

DIVSE

MMIC

DevSecOps

#LI-BC1

NGIS-SSEngineering

Cyber: ESCSO

NGCIMSMD

Cyber

InformationSecurity

Salary Range: $72,100.00 - $108,100.00Salary Range 2: $87,200.00 - $130,800.00

The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.

Employees may be eligible for a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.

The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.

Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit http://www.northropgrumman.com/EEO. U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.