Join Northrop Grumman on our continued mission to push the boundaries of possible across land, sea, air, space, and cyberspace. Enjoy a culture where your voice is valued and start contributing to our team of passionate professionals providing real-life solutions to our world’s biggest challenges. We take pride in creating purposeful work and allowing our employees to grow and achieve their goals every day by Defining Possible. With our competitive pay and comprehensive benefits, we have the right opportunities to fit your life and launch your career today.
Embark on a career putting innovative, reliable, and agile products and ideas into orbit, and beyond. Northrop Grumman has opportunities waiting for you that play a vital role in human space exploration, national defense, and scientific discovery, supporting multiple programs across the universe. With us, you’ll discover a culture of curiosity and collaboration that will have you Defining Possible from the day you start. Our defense systems connect and protect millions of people on earth every day, now and for the future. Explore your future and launch your career today.
What You’ll Get To Do:
• Develop, submit, and maintain Authorization to Operate (ATO) packages for DCSA compliance, ensuring adherence to security requirements and regulations.
• Work within the eMASS system to manage and track ATO packages, coordinating with various stakeholders throughout the approval process.
• Collaborate with various teams to understand and gather system artifacts for security compliance verification.
• Establish strict program control processes to ensure mitigation of risks and support obtaining certification and accreditation of systems; this includes support of process, analysis, coordination, security certification test, security documentation, as well as investigations, software research, hardware introduction and release, emerging technology research inspections, and periodic audits.
• Assist in the implementation of the required government policy (i.e., JSIG, DAAPM) and make recommendations on process tailoring, and participate in and document process activities.
• Perform analyses to validate established security requirements and to recommend additional security requirements and safeguards.
• Support the formal Security Test and Evaluation (ST&E) required by each government authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports.
• Document the results of Assessment and Authorization activities and technical or coordination activity and prepare the system Security Plans and update the Plan of Actions and Milestones POA&M.
• Periodically conduct a complete review of each system's audits and monitor corrective actions until all actions are closed.
Position Benefits
As a full-time employee of Northrop Grumman, you are eligible for our robust benefits package including
• Medical, Dental & Vision coverage
• 401k
• Educational Assistance
• Life Insurance
• Employee Assistance Programs & Work/Life Solutions
• Paid Time Off
• Health & Wellness Resources
• Employee Discounts
This positions standard work schedule is a 9/80. The 9/80 schedule allows employees who work a nine-hour day Monday through Thursday to take every other Friday off. This role may offer a competitive relocation assistance package.
Basic Qualifications:
• 5 years of relevant experience with a Bachelors degree, 3 years experience with a Master's degree, or 1 year with PhD. An additional 4 years of direct cybersecurity experience may be considered in lieu of a degree.
• Current DoD Top Secret level security clearance with an original adjudication, or a periodic reinvestigation date, completed within the last 6 years; maintaining the required security clearance will be a condition of continued employment.
• Current DoD 8570 IAM Level II security certification (i.e CGRC, CISSP, etc.)
• Experience developing, submitting, and maintaining ATO packages as well as updating artifacts within eMASS.
• Experience performing vulnerability scans using Tenable & Splunk. Can independently troubleshoot failed or non-credentialed scans.
• Demonstrated expert knowledge of cybersecurity practices, network technologies, and system development life-cycles, in addition to an understanding of information technology infrastructure management/monitoring and applications.
• Possesses strong attention to detail and interpersonal skills.
• Can work with minimal supervision, both independently and within a team.
• Proficient with Microsoft Office Tools (Excel, Word, PowerPoint).
Preferred Qualifications:
• Working knowledge of ATO packages and the eMASS system.
• Working knowledge and experience with NIST RMF.
• Working knowledge and understanding of auditing, vulnerability scanning/remediation, SIEMs, DISA STIGs, configuration/change control, and implementation of Risk Management Framework.
• Experience managing a POA&M and identifying a handling plan for specific vulnerabilities
• Strong verbal and written communication skills to produce coherent and concise documentation required for certification evaluation.