Sr Principal Cybersecurity Analyst (ISSE) EC
Requisition ID: R10128114
- Category: Information Technology
- Location: Annapolis Junction, Maryland, United States of America
- Citizenship required: United States Citizenship
- Clearance Type: Polygraph
- Telecommute: No- Teleworking not available for this position
- Shift: 1st Shift (United States of America)
- Travel Required: Yes, 10% of the Time
- Positions Available: 1
Northrop Grumman is hiring! Earn up to a $20,000 sign on bonus if you are hired against specific TS/SCI Polygraph positions.
At the heart of Defining Possible is our commitment to missions. In rapidly changing global security environments, Northrop Grumman brings informed insights and software-secure technology to enable strategic planning. We’re looking for innovators, who can help us keep building on our wide portfolio of secure, affordable, integrated, and multi-domain systems and technologies that fuel those missions. By joining in our shared mission, we will support yours of expanding your personal network and developing skills, whether you are new to the field or an industry thought-leader. At Northrop Grumman, you will have the resources, support, and team to do some of the best work of your career.
Northrop Grumman Mission Systems sector is seeking an Information Systems Security Engineer (ISSE) to join our team of qualified, diverse individuals located at Annapolis Junction. Our security professionals support a wide range of systems and programs to ensure confidentiality, integrity, and availability of key infrastructure. The ISSE will perform assessments of systems and networks within the networking environment or enclave and identify where those systems and networks deviate from acceptable configurations, enclave policy, or local policy. This is achieved through passive evaluations such as compliance audits and active evaluations such as vulnerability assessments. Additionally, the ISSO/ISSE will establish strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems. Includes support of process, analysis, coordination, security certification test, security documentation, as well as investigations, software research, hardware introduction and release, emerging technology research inspections and periodic audits; assist in the implementation of the required government policy (i.e., NISPOM, DCID 6-3), make recommendations on process tailoring, participate in and document process activities. Perform analyses to validate established security requirements and to recommend additional security requirements and safeguards. Support the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results and preparation of required reports. Document the results of Certification and Accreditation activities and technical or coordination activity and prepare the system Security Plans and update the Plan of Actions and Milestones POA&M. Periodically conduct a complete review of each system's audits and monitor corrective actions until all actions are closed.
- A current and active TS/SCI Clearance with Polygraph is required.
- 9+ years of relevant cyber security/systems security engineering experience with a BS Degree in a STEM field, or an additional 4 years of experience on projects with similar processes may be substituted in lieu of degree.
- Ability to review and support certification and accreditation documentation within the NIST Risk Management Framework (RMF), NSA/CSS Information System Certification and Accreditation Process (NISCAP), NIST 800-53, and CNSSI-1253.
- Experience reviewing technical security assessments of computing environments to identify points of vulnerability, or non-compliance
- Experience with System Security Plan (SSP) maintenance.
- Can recommend system-level solutions to address and resolve security requirements.
- Familiar with supporting software development from a security standpoint (code reviews, security compliance, secure coding practices).
- Capable identifying overall security requirements for the proper handling of customer data.
- Experience with security planning, assessment, risk analysis, and risk management.
- Kubernetes/Container and application level security knowledge, including testing and analysis and security basics.
- Applying security risk assessment methodology to system development, including threat model development, vulnerability assessments, and resulting security risk analysis.
- Able to generate system or network designs that encompass multiple enclaves, including those with different data protection or classification.
- Designs or builds IA into systems deployed to operational environments.
- Familiarity with operating in a Scaled Agile Framework (SAFE Agile Framework).
- IASAE Level 2 compliance - ISC(2) CISSP certification.
The health and safety of our employees and their families is a top priority. The company encourages employees to remain up-to-date on their COVID-19 vaccinations. U.S. Northrop Grumman employees may be required, in the future, to be vaccinated or have an approved disability/medical or religious accommodation, pursuant to future court decisions and/or government action on the currently stayed federal contractor vaccine mandate under Executive Order 14042 https://www.saferfederalworkforce.gov/contractors/.
Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit http://www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.
What's great about
- Be part of a culture that thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work.
- Use your skills to build and deliver innovative tech solutions that protect the world and shape a better future.
- Enjoy benefits like work-life balance, education assistance and paid time off.
Did you know?
Northrop Grumman leads the industry team for NASA’s James Webb Space Telescope, the largest, most complex and powerful space telescope ever built. Launched in December 2021, the telescope incorporates innovative design, advanced technology, and groundbreaking engineering, and will fundamentally alter our understanding of the universe.