Posted in

Sr Principal Cyber Systems Engineer – NG Space Systems

Sr Principal Cyber Systems Engineer – NG Space Systems

CompanyNorthrop Grumman
LocationEl Segundo, CA, USA
Salary$151100 – $226700
TypeFull-Time
DegreesBachelor’s, Master’s, PhD
Experience LevelSenior

Requirements

  • 8 Years of relevant experience with Bachelors in Science; 6 Years of relevant experience with Masters; 4 Years of relevant experience with PhD
  • Active DoD Secret clearance required at the time of application
  • System engineering and/or system security engineering experience
  • Experience with RMF and NIST800-53 and developing RMF assessment and authorization documentation
  • Familiarity with Systems Security Engineering (SSE) documentation (e.g. Cybersecurity Strategies, Information Support Plans, Program Protection Plans (PPPs)
  • Familiarity with Anti-Tamper Plans, Counterintelligence Support Plans, Integrated Threat Assessment Reports, Operations Security Plans, Continuous Monitoring Plans, Defensive Cyberspace Operations Plans, IT/Cybersecurity Strategies, Information Support Plans, Enterprise Architecture Views and related documentation IAW DoDI 5000.02, DoDI 5200.39, DODI 5200.44, DODD 5200.47E, DoDI 8500.01, DoDI 8510.01, and NIST SP 800-160
  • Experience in developing and maintaining security documentation, including SSPs, SECONOPS, CONMON, and POA&Ms
  • Experience with obtaining and maintaining a system level Authorization to Operate (ATO) and Interim Authorization to Test (IATT)
  • Ability to work will with other engineers on a high pressure, schedule driven program
  • Familiarity with system architectures, networking, and operating systems (e.g., Linux, Windows)
  • Excellent communication (written and oral), negotiation and interpersonal skills necessary to support known Information Systems Security Engineering type activities/challenges working with engineering teams, management, customers, partners and government
  • Active IAT Level II certification (e.g. Security+), or higher
  • DoD 8570 certification for IAM-III (CISSP, CISM, GSLC, CCISO) or IAT-III (GCIH, CISSP, CASP+, CCNP Security, CISA, GCED)
  • Excellent interpersonal skills with the ability to work both independently and within a team environment

Responsibilities

  • Perform customer requirements elicitation leading to cybersecurity requirements development
  • Review and assess stakeholder security objectives, protection needs and concerns, system security requirements, and associated verification methods per Risk Management Framework (RMF) standards
  • Define, allocate and control Ground Segment cybersecurity requirements to satisfy RMF compliance
  • Identify, quantify, and evaluate the costs/benefits of security functions and considerations to inform analysis of alternatives, engineering trade-offs, and risk treatment decisions
  • Coordinate and collaborate with diverse engineering design teams to assist in managing the technical baseline
  • Define, document, build plan, and manage Information Assurance (IA) or Cybersecurity engineering including security controls traceability and decomposition, security architecture and design, analysis of Security Technical Implementation Guidelines (STIG) mapping
  • Identify and/or assess vulnerabilities and susceptibility to life cycle disruptions, hazards, and threats
  • Implement, review, upgrade, and document STIGs and security controls
  • Create, mature, and present comprehensive and cohesive technical charts representative of the appropriate level of maturation for any given milestone meeting and demonstrate team readiness in relation to achieving the milestone entrance and exit criteria
  • Identify required contractual deliverables and non-contractual documentation and drive corresponding updates to closure
  • Support the design and implementation of automated tools to configure, integrate and test, and deploy hardened environment to meet security controls
  • Assist the program to gain certification of systems, drafting and updating security artifacts

Preferred Qualifications

  • Experience with Agile development
  • Understands methods for hardening and maintaining secure architectures
  • Experience working with eMASS and/or Xacta
  • Experience with Ground and Space systems and/or Command and Control systems
  • Python and shell scripting ability
  • Experience with DevSecOps
  • Experience configuring and maintaining VMware vSphere
  • Basic understanding of IPv4 networking fundamentals
  • Basic understanding of information assurance principles in the DoD environment
  • Possesses knowledge of External/Internal System Security Tools
  • Basic /Advanced Systems Administration in major COTS SW platforms