Principal Cyber Systems Engineer

Put your skills to the test by pushing the boundaries of what’s possible. From global defense to sustainment and modernization to mission readiness, your experience and ability will make it a reality. Our programs are built on equal parts of curiosity and collaboration. Our combined effort means our customers can connect and defend millions of people around the world. With Northrop Grumman, you’ll have the opportunity to be an essential part of projects that will define your career, now and in the future. 

Northrop Grumman Defense Systems is currently seeking a Principal Cyber Systems Engineer for a new and exciting effort located at Edwards AFB, CA. We're looking for a highly motivated, team oriented, individual that understands security and the importance to our mission. The candidate will be responsible for the secure operations of cloud infrastructure, platforms, and software, including the installation, maintenance, and improvement of cloud computing environments. They will also help develop new designs and security strategies across cloud-based applications and Infrastructure as Code (IaC). The candidate will act as a Cyber Subject Matter Expert (SME) and ensure compliance with the Risk Management Framework. 

Responsibilities: 

• Design, plan, implement, and perform assessment of security controls, polices, and processes compliance with National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, CNSSI 1253, and DoD RMF Knowledge Service guidance. 

• Participate in assessment of systems security controls to validate control implementation and identify weaknesses. 

• Document the results of Certification and Accreditation activities, technical or coordination activity, prepare the system Security Plans, and update the POA&M. 

• Periodically conduct a complete review of each system's audits and monitor corrective actions until all actions are closed- Implementation, automation, configuration and maintenance of security tools, centralized authentication solutions, IDS/IPS, and compliance baselines.

• Provide advanced technical analyses of cyber infrastructure challenges and problems; develop/identify technical solutions responsive to customer needs.

• Participate in team reviews of technical requirements, design and implementation plans prior to deployment. 

• Recommend and implement system enhancements that will improve the performance, reliability, and security of the system including installing, upgrading, monitoring, problem resolution, and configuration. 

• Serve as a Cyber Security engineer (ISSE) supporting high-level technical and practical expertise. 

• Assures the implementation of Cyber Security disciplines, including COMSEC, COMPUSEC, EMSEC, OPSEC, digital communications systems, network protocols and architectures, and penetration tools and techniques. 

• Support the continuous assessment of IA Control compliance for systems within their responsibility. 

NGSkills

 
Basic Qualifications: 

• Must have High School Diploma or equivalent (GED) and 9 years of applied experience. Will consider 5 years of applied experience with a Bachelor’s degree in a STEM related field; 3 years with Masters. 

• Must have an active Secret Clearance, with a PR within last 5 years. 

• Must be able to obtain Special Program Access prior to onboarding and then maintain. 

• Must have at minimum a current DoD 8570 IAT Level II Certification (Security+CE).   

• Experience in preparing and/or reviewing technical and programmatic documentation. 

• Experience translating technical concepts and program information to others. 

• Solid understanding of planning, design, and implementation necessary to support a large enterprise system. 

• Working knowledge of NIST 800-37 RMF body of evidence artifacts such as SSP, SCTM, PoA&M’s, SAR, RAR, RAL, ConOps, ISA, etc.  

• Working experience deploying and configuring Linux and Windows systems in accordance with DoD STIG requirements.   

• Experience with configuring Security Incident Event Monitoring and IDS/IPS tools such as ACAS, ESS (HBSS), and Splunk on Linux RedHat and Windows environments.  

• Experience with vulnerability and compliance scanners such as Tenable.SC and SCAP. 

• Experience with CDS technology, security, and compliance requirements. 

• Experience with cloud environments supporting the configuration design, integration, sustainment, and retirement of systems.  

• Experience scripting security processes in efforts to establish redundant, consistent and automate baselines across multiple systems. 

Preferred Qualifications: 

• DoD 8570 IAM II/III Certification (CAP, GLSC, CISSP, CASP CE). 

• DoD 8500-series and 8510.01 IA policy directives, approaches to cyber security, knowledge of security procedures, IATT and ATO requirements. 

• Excellent communication (written and oral), negotiation and interpersonal skills necessary to support known ISSE activities/challenges working with engineering teams, management, customers, partners and government. 

• Experience with Dell, Cisco, Palo Alto and other next generation switches and firewalls. 

• Experience with SDLC and DOORs application. 

• Experience with cloud solutions like Azure and AWS.