As a leader with Northrop Grumman, you always act with integrity, and the highest ethical standards characterize everything you do. You enable your team to achieve predictable and balanced results, while satisfying the needs of internal and external partners. You treat all people with respect, and you model personal growth and continuous development. You know how to build an inclusive environment that attracts, retains, and inspires a diverse and engaged team. You develop trusted and valued customer relationships and communicate effectively, so that people throughout the organization feel engaged and connected to their work. You deliver excellence, strive for continuous improvement and respond vigorously to change. You ensure that your team has the information and tools needed to perform at their best. You demonstrate our committed pursuit of applying innovation to meet the requirements of our customer. You craft and execute strategies that result in sustainable value creation that delivers measurable results.
The Cyber Information Systems Security team is actively looking for a frontline Manager of Cyber Information Assurance that will manage a team of Cyber Security Exempt and Non-Exempt employees (Security Coordinators, ISSOs, and ISSMs) from our Rolling Meadows, IL location. The team performs assessments of systems and networks within the networking environment, or enclave, and identifies where those systems and networks deviate from acceptable configurations, enclave policy, or local policy. This is achieved through passive evaluations such as compliance audits, as well as active evaluations such as vulnerability assessments. The manager will establishes strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems. This includes support of process, analysis, coordination, security certification test, security documentation, as well as investigations, software research, hardware introduction and release, emerging technology research inspections and periodic audits.
Additionally, the manager will assist in the implementation of the required government policy (i.e., JSIG), NISPOM (DAAPM primarily), ICDs), make recommendations on process tailoring, participate in and document process activities. They will monitor and perform analyses to validate established security requirements and to recommend additional security requirements and safeguards. The leader will support the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results and preparation of required reports. And they will make sure that all results of Assessments and Accreditation activities and technical or coordination activity are documented, that the Body of Evidence (BoE) and update the Plan of Actions and Milestones (POA&M) are prepared. Also, they will periodically conduct a complete review of each system's audits, and monitor corrective actions until all actions are closed.
This position will ensure the management/coordination with classified programs on the design, testing, and implementing state-of-the-art secure operating systems, networks, database products, firewalls, and network architectures meet government classified Cyber Information Assurance compliance requirements (NIST, EMAS, RMF, etc.). The role will ensure compliance with all associated systems/networks to achieve and maintain formal accreditation authorizations from government agencies.
The successful candidate will establish an inclusive culture within a geographically diverse environment and will be responsible for the following:
- Managing a team of Cyber Information Systems Security (CISS) Professionals
- Establishing a strict program control processes to ensure mitigation of risks and support obtaining formal Assessment & Authorization of systems
Assisting in the implementation of the required government policy (i.e. DAAPM (primary), JSIG ICD-503). This may include project management
- Ensuring the team follows Northrop Grumman and the Cyber ISS organization's policies and procedures.
- That information is accurate and complete in support of those policies and procedures
- Supporting the formal Security Assessment process required by the company or government customer
- Regularly communicating and coordinating with program management teams, the Enterprise Services Program Management Office Team, the Information Technology Organization and Industrial Security
To learn more about our hiring process for manager positions, please view our, Selecting the Best Qualified Managers video: www.northropgrumman.com/SQMVideo