Staff Cyber Lead – PROGRAM-Top Secret/SCI Required (Space/Satellite Systems)

We are seeking a Staff Cyber Systems Engineer position is for a Cyber Lead on a Space Segment -focused program where the lead will provide Subject Matter Expertise for a new mission.  The core goal is architecting, designing, and building security features into space segment subsystems, components, and flight software.  Prior knowledge and experience applying Cyber / Systems Security Engineering (Cyber/SSE) principles to complex systems in the early system development phase of the lifecycle is essential.  The Cyber Lead is responsible for internal/external stakeholder coordination of Cyber/SSE requirements, development status, milestones, and deliverables.  Exceptional customer intimacy skills are essential.  Additionally, the Cyber lead coordinates multi-disciplinary activities across multiple overlapping threads and engineering specialties --  Flight Software, Cyber Software Security Assurance (CSSA), Launch Integration, Systems Engineering, ISSM, ISSE/CSSE, and ISSO/CSSOs.  The Cyber lead has primary oversight of a CSSE and CSSA activities focused on Cyber CDRL development and Static and Dynamic security scanning of flight software.  As the Cyber Lead, strong technical qualifications are required with demonstrated leadership on complex development efforts.

Additional Responsibilities for a Staff Program Cyber/SSE Lead:

• Working as a programmatic lead in a structured engineering environment, where the Cyber Lead may supervise and prioritize security requirements; identify driving requirements from Cyber Survivability/Resilience, Risk Management Framework (RMF), and/or System/Technical Requirements Document (SRD or TRD); and allocate Cyber/SSE requirements to segment/subsystem/component specifications.
• Leading Cyber/SSE element technical presentations during engineering milestone reviews – SRR, PDR, CDR, and PSR in accordance with our internal Cyber Systems Engineering Standards document.
• As the Cyber/SSE thread-lead, project management experience is crucial, to include experience as a Cost Account Manager (CAM) within large programs required to use Earned Value Management System (EVMS).
• Supervise CSSA processes to include ensuring Static Code Analysis (SCA) tool(s) (e.g. Fortify) are integrated into flight software development environments; triage tools findings to prioritize remediation activities; allocate low priority findings as technical debt in the SwDLC backlog.
• Defining programmatic Cyber guidance to shepherd software development scrum teams on secure coding practices, security-focused engineering trade studies, and other security best practices for our mission unique software development efforts.
• Ensuring the multi-disciplinary team are remediating security tool findings by working with software developers, systems engineers, and other engineering disciplines to resolve technical and programmatic cybersecurity concerns.  A demonstrated ability to work collaboratively and productively with others is an essential skill, as well as distilling and communicating technical cyber backlog (POA&Ms) to internal & external leaders.
• Understanding of Space/Ground interface control documents and security-relevant connectivity considerations at physical, electrical, and logical layers.
• Mastery of RED/BLACK boundary definition, TEMPEST considerations, Crypto units, Cross Domain Solutions, and Controlled Interfaces within space systems.
• Leading other Cyber/SSE personnel in the development of program CDRLs:
  • RMF SSP including SCTM, RAR, POAMs and relevant artifacts (Incident Response Plan, Contingency Plan, ConMon Plan, as appropriate).
  • Key & Certificate Management Plan (KCMP)
  • Program Protection Implementation Plan (PPIP) and Cybersecurity Strategy.
• Ensuring systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the system security authorization package (SSP, SCTM, ConMon Plan, RAR).
• Championing automation efforts across all DevSecOps disciplines to routinely accomplish SCAP SCANs, developing and running NIST 800-53a Verification Procedures and automating manual STIG check lists.

Basic Qualifications:

• Bachelors Degree in STEM field with 14 years IT security (Cybersecurity) experience in support of USG
• 9 years technical leadership experience
• Must have U.S. Citizenship with active or current TS/SCI Clearance
• CISSP Certification
• Familiarity with Systems Engineering processes and milestones; understanding of the requirements analysis, decomposition, and allocation process

Preferred Qualifications:

• 15 years Cyber/SSE experience in the Defense Aerospace Industry
• 5 years experience working within restricted program areas
• Formal EVMS project management training with CAM experience
• Demonstrated engineering leadership experience participating in Systems Engineering milestone reviews, as the cybersecurity focal

#NOVASpace

The health and safety of our employees and their families is a top priority. The company encourages employees to remain up-to-date on their COVID-19 vaccinations. U.S. Northrop Grumman employees may be required, in the future, to be vaccinated or have an approved disability/medical or religious accommodation, pursuant to future court decisions and/or government action on the currently stayed federal contractor vaccine mandate under Executive Order 14042 https://www.saferfederalworkforce.gov/contractors/.

Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit http://www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.