As a leader with Northrop Grumman, you always act with integrity, and the highest ethical standards characterize everything you do. You enable your team to achieve predictable and balanced results, while satisfying the needs of internal and external partners. You treat all people with respect, and you model personal growth and continuous development. You know how to build an inclusive environment that attracts, retains, and inspires a diverse and engaged team. You develop trusted and valued customer relationships and communicate effectively, so that people throughout the organization feel engaged and connected to their work. You deliver excellence, strive for continuous improvement and respond vigorously to change. You ensure that your team has the information and tools needed to perform at their best. You demonstrate our committed pursuit of applying innovation to meet the requirements of our customer. You craft and execute strategies that result in sustainable value creation that delivers measurable results.
We are currently seeking a Cyber Information Systems Security Manager 1
to work at our Dulles Campus in Virginia.
This Information Systems Security Manager will supervise a team of Cyber Information Systems Security professionals. The team performs assessments of systems and networks within the networking environment, or enclave, and will identify where those systems and/or networks deviate from the acceptable configuration, enclave policy, or local policy. This is achieved through passive evaluations, such as compliance audits, as well as active evaluations like vulnerability assessments.
This position will help the employees establish strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems. Includes support of process, analysis, coordination, security certification test, security documentation, as well as investigations, software research, hardware introduction and release, emerging technology research inspections and periodic audits. Assist in the implementation of the required government policy (i.e., JSIG (primarily), NISPOM (DAAPM), ICDs), make recommendations on process tailoring, participate in and document process activities. Perform analyses to validate established security requirements and to recommend additional security requirements and safeguards. Support the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results and preparation of required reports. Document the results of Assessments and Accreditation activities, technical or coordination activity and prepare the Body of Evidence (BoE) and including updating the Plan of Actions and Milestones (POA&M) as required. Also, periodically conduct a complete review of each system's audits and monitor corrective actions until all actions are closed. This position will ensure the management/coordination with classified programs on the design, testing, and implementing of state-of-the-art secure operating systems, networks, database products, firewalls, and network architectures to meet government classified Cyber Information Assurance compliance requirements. Ensure environments remain compliant and all associated systems/networks achieve and maintain formal accreditation authorizations from government agencies.
The successful candidate will establish an inclusive culture within a diverse environment, and will be responsible for the following:
· Perform as the Manager and supervise a team of Cyber Information Systems Security (CISS) Information System Security Officer (ISSO) and Information system Security Manager (ISSM) Professionals
· Foster an environment for individual development, effective performance management, open communication, financial management, and utilization
· Establishment of a strict program control processes to ensure mitigation of risks and supports obtaining formal Assessment & Authorization of systems
· Assist in the implementation of the required government policy (i.e. DAAPM, JSIG (primary), ICD-503). This may include project management.
· Ensure the team follows Northrop Grumman and the Cyber ISS organizations policies and procedures, making sure that all information is accurate and complete in support of those policies and procedures
· Support the formal Security Assessment process required by the company or government customer
· Effectively communicate with program management teams, the Enterprise Services Program Management Office Team, the Information Technology Organization, and Industrial Security
· Assist in the interview and selection process of new employees
At Northrop Grumman we develop cutting-edge technology that preserves freedom and advances human discovery. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We continue to innovate with developments from launching the first commercial flight to space, to discovering the early beginnings of the universe. Our employees are not only part of history, they're making history. Join us on the edge... the Cutting Edge!
- Master's degree with 3 years of experience; OR a Bachelor's degree with 5 years of experience is required
- Must have a current DoD 8570 IAM level III security certification (examples: CISSP, GSLC, or CISM) or be able to achieve one within 6 months of the hire date.
- Must have project management experience, or must have previous experience managing, supervising, directing, or leading individuals
- Candidate must have a current DOD Top Secret, SCI security clearance with an original adjudication, or a periodic reinvestigation, completed within the last 6 years in order to be considered.
- Must have the ability to obtain, and maintain, access to Special Access Programs as a condition of continued employment
- The ideal candidate will have a Master's Degree Information Assurance, 5 years of experience in Cyber Security, and 1 year of management experience, leading a team of Information Security professionals
- In-depth knowledge of the Special Access Program classified system accreditation process (JSIG) and a basic understanding of the Intelligence Community Assessment and Authorization process (ICD-503) would be nice to have
- Current SCI access level, with ability to obtain SAP/SAR access level, is required
Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.