Staff Cyber Info Systems Security Analyst

At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work — and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history.

Information Systems Security Professionals, We Want You!

Cyber assets everywhere are under siege from a wide spectrum of threats. Almost daily, these threats grow in sophistication, breadth, and speed.

At Northrop Grumman, we take a holistic approach to cyber security, looking at the whole cyber landscape of people, processes and technology and the whole security realm of offense, defense, and exploitation. Thought leadership demands nothing less. Join the Northrop Grumman team as we provide legendary program support to advanced, secure, and agile systems and solutions.

We are seeking Cybersecurity Professionals to support information systems security lifecycle activities. Perform assessments of systems within the networking environment or enclave and identify where those systems and networks deviate from acceptable configurations, enclave policy, or local policy. This is achieved through passive evaluations such as compliance audits and active evaluations such as vulnerability assessments.

In the position of the Staff Information Systems Security Professional (ISSO) you will perform assessments of systems and networks within the networking environment and identify where those systems and networks deviate from acceptable configurations or policy.  Assist in the implementation of the required government policy (i.e., NIST, NISPOM, DAAPM) and participate in and document process activities.  Periodically conduct a complete review of each system's audits and monitor corrective actions until all actions are closed.  Will be responsible for ensuring the appropriate operational security posture is maintained for a system.  You will be working closely with the entire security team within the risk management framework (RMF) to obtain authorization for, and maintain, Information Systems. The ISSO assists the Information Systems Security Manager (ISSM) in meeting their duties and responsibilities.

Responsibilities of the ISSO include, but are not limited to:

• Perform assessments of systems and networks within the networking environment or enclave and identify where those systems and networks deviate from acceptable configurations, enclave policy, or local policy.  This is achieved through passive evaluations such as compliance audits and active evaluations such as vulnerability assessments.

• Creating, submitting, and maintaining authorization and accreditation packages for classified information systems.

• Serve as an advisor to the ISSM, management, your team, and your co-workers for all security topics regarding the information systems in your area of responsibility.

• Interface and coordinate Security efforts with Industrial Security, IT, Program Management and Operations in an exciting, cutting-edge environment.

• Develop, implement, maintain, and monitor systems to safeguard information systems & data from external and internal threats.

• Work closely with government, customer, and company peers to test and review information systems to ensure the highest levels of security for systems and information you protect.

• Assist in the implementation of the required government policy (i.e., NIST, NISPOM, DAAPM), make recommendations on process tailoring, participate in and document process activities.

• Perform analyses to validate established security requirements and to recommend additional security requirements and safeguards.

• Participate in the Cyber Security education and awareness of your colleagues to ensure an engaged workforce that will be the eyes and ears you need to maintain a world class security organization.

• Document the results of Certification and Accreditation activities and technical or coordination activity and prepare the system Security Plans and update the Plan of Actions and Milestones POA&M.

• Periodically conduct a complete review of each system's audits and monitor corrective actions until all actions are closed.

The successful candidate will establish an inclusive culture within a diverse environment. 

Basic Qualifications:

• Must have, at minimum, a Master's degree with 12 years of relevant experience; OR a Bachelor’s degree with 14 years of relevant experience; OR an Associate’s degree with 16 years of relevant experience; OR a High School Diploma/GED with 18 years of relevant experience is required.

• Must have a DoD 8570 IAM level III, security certification (examples: CISSP, CISM, Etc.).

• Candidates must have a current DoD Secret level security clearance, to include a closed investigation date completed within the last 5 years in order to be considered.

• Demonstrated experience in networking and complex architectures to include cross domain solutions.

• Demonstrated experience with NIST 800-53 policies, WAN auditing reviews IAW DAAPM requirements, & writing entire RMF Bodies of Evidence to obtain and maintain ATO for classified systems.

Preferred Qualifications:

• Bachelor’s degree in Cyber Security, a CISSP or CISM, and 9 years of experience with Certification and Accreditation of classified systems and Risk Management Framework.

• Knowledge of ACAS/NESSUS, SPLUNK, SCAP, POA&Ms, NIST, system audits, vulnerability scanning, and DAAPM system security package development are highly desirable.

• Efficient, proactive, responsive team player with excellent written and oral communication skills; able to interface effectively with all levels of corporate management and government customers.

• Highly organized with ability to manage multiple priorities and time sensitive deliverables. Hands on, self-starting, disciplined and detail-oriented individual with ability to work independently in a high-volume environment.

Salary Range: $161,000 USD - $241,400 USD

Employees may be eligible for a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.

The health and safety of our employees and their families is a top priority. The company encourages employees to remain up-to-date on their COVID-19 vaccinations. U.S. Northrop Grumman employees may be required, in the future, to be vaccinated or have an approved disability/medical or religious accommodation, pursuant to future court decisions and/or government action on the currently stayed federal contractor vaccine mandate under Executive Order 14042 https://www.saferfederalworkforce.gov/contractors/.

Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit http://www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.