At Northrop Grumman Aerospace Systems we develop cutting-edge technology that preserves freedom and advances human discovery. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We continue to innovate with developments from launching the first commercial flight to space, to discovering the early beginnings of the universe. Our employees are not only part of history, they're making history.
Northrop Grumman's Aerospace Systems is seeking a Principle Cyber Security Software Engineer
to work closely with Programs, Systems Engineering, Software Engineering, Hardware Engineering and other organizations to ensure our products and development environments are resistant to cyber and other threats, and compliant to government cybersecurity requirements.
The Cyber Security Engineer will join a team of highly skilled and diverse individuals specializing in cyber software solutions. The Cyber team will identify threats and develop appropriate protection measures, review system changes for security implications and recommend improvements, research and draft cybersecurity white papers, and provide top tier support to pre-contract activities, new and existing programs for resolving complex cybersecurity issues.
The candidate should also have strong experience with shell scripting, Configuration Management (GIT), network protocols, embedded and enterprise applications.
The Cyber Software Engineer responsibilities are as follows: *
Engages with programs from concept and design through implementation, test and deployment to develop secure, resilient systems. *
Assists with updating and maintaining documentation, processes, and procedures to include manuals, drawings, system specifications, software assurance plans, security architecture diagrams, security analysis reports, and risk assessments. *
Participates in technical planning, system integration discussions and works alongside verification and validation engineers to create validation plans. *
Assesses cost and risk, supportability and effectiveness for software systems *
Executes vulnerability assessments, ensuring mitigation of risks, and providing support to obtain certification and accreditation of systems. *
Documents the results of Certification and Accreditation activities and prepares the system Security Plans and updates the Plan of Actions and Milestones POA&M. * Perform design, development, analysis, and testing of networks, software and software systems, as well as oversight into the integration of various cyber capabilities into networked computing environments.
- Bachelor's Degree in a STEM discipline (Computer Science/Engineering or related technical field) with 5 years of software engineering experience OR Master's Degree in a discipline with 3 years of software engineering experience.
- Active DoD Secret clearance with the ability to obtain TS/SSBI
- At least one Active DOD 8570 IAT Level II certification: (CCNA Security, CySA+, GICSP, GSEC, Security+ CE, and at least one IA SAE II certification ( CISSP CE, CASP, CSSLP)
- Hands on experience with Modeling tools UML, DoDAF
- Familiarity with compliance verification of Defense Information Systems Agency (DISA) Secure Technical Implementation Guides (STIGs), Service security alerts and bulletins, and DISA/DoD standards, SCAP tools, ACAS, Firewalls, intrusion detection, connotation testing
- Hands on experience with Statistical Analysis Tools, e.g. Fortify, Coverity,
- Master's Degree in Engineering, Computer Science, Computer Engineering, or other STEM discipline
- Active DoD Top Secret/SSBI security Clearance
- Familiarity with proposal development to include Basis of Estimate (BOE) creation
- Experience providing technical expertise for software intensive projects and programs for Government or Industry customers
- Active 8570 Baseline Certification IAT Level III (CASP CE, CCNP Security, CISA, CISSP (or Associate), GCED, or GCIH)
- Risk Management Framework (RMF) experience
- Experience with Vulnerability Research, Reverse Engineering and Exploit Development on embedded systems
- Experience with Network engineering and administration
Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO
. U.S. Citizenship is required for most positions.