Northrop Grumman Mission Systems Mission Defense Cyber Team has an opening for a Staff Cybersecurity Systems Engineer (CSSE) supporting the Sentinel program from one of our various Northrop Grumman locations. A Cybersecurity Systems Engineer (CSSE) assess/evaluates the customers’/stakeholders’ cybersecurity requirements to decompose, derive, and refine with clarity the system’s cybersecurity requirements to drive the built-in cybersecurity protections to the architecture and design. The CSSE also guides/supports the security layout / architecture and influences the security tools selection and development. The CSSE evaluates/assess the proposed and realized implementation to identify security risks and verify the cybersecurity protections from the design are realized and integrated. The CSSE guides/supports the development of verification efforts to ensure the cybersecurity protections / capabilities are functional, effective, and complete. A CSSE supports the definition of security governance, and risk management.
As a Staff Cyber Systems Engineer on this team, you will have the following responsibilities:
Author and review requirement decomposition, derivation, and flow down
Implement and review traceability of requirements throughout a spec tree architecture
Support the architecture and design of baked in cybersecurity requirements and protections
Document and review traceability of requirements to the design & its models
Implement and review the application of cybersecurity profile stereotypes to a Model Based System Engineering (MBSE) Architecture
Provide cybersecurity system engineering implementation guidance and oversight to technical teams/implementers
Review and Assess stakeholder security objectives, protection needs and concerns, security requirements, and associated verification/validation methods
Implement, review and assess cybersecurity system requirements verification/validation methods
Identify and/or assess vulnerabilities and susceptibility to life cycle disruptions, hazards, and threats
Provide security considerations to inform systems engineering efforts with the objective to reduce errors, flaws, and weakness that may constitute security vulnerability leading to unacceptable asset loss and consequences
Identify, quantify, and evaluate the costs/benefits of security functions and considerations to inform analysis of alternatives, engineering trade-offs, and risk treatment decisions
Author, support and maintain cybersecurity program documentation & RMF package documentation: Cybersecurity Strategies, System Security Plans, Continuous Monitoring Plans, Risk Assessment Report, Security Control Traceability Matrix, Plan Of Actions & Milestones, etc.
Basic Qualifications for a Staff Cyber Systems Engineer
Bachelor’s degree with 12 years of experience; Master’s degree with 10 years of experience; or a PhD with 8 years of experience in: Electrical Engineering, Computer Engineering, Computer Science, Cybersecurity Engineering, or related technical fields. Will consider 16 years of applied experience in lieu of degree requirement.
Direct Experience utilizing NIST 800-160 system security engineer and/or the system development life cycle
Processing SOW, requirements, architecture, design, implementation, integration, verification & validation, field test, etc.
Direct experience developing RMF assessment and authorization documentation
Current DoD 8570 certification for IASAE Level II (CISSP) and ability to obtain IASAE Level III within 6 months of hire
A current/active DoD Secret clearance.
Must be able to obtain Special Access (SAP) to the program.
The ability to obtain and maintain a DoD Top Secret clearance is required
Preferred Qualifications
System security architecture experience
Experience working with DOORS and CAMEO
Security related tool suite in DevSecOps pipeline (SonarQube, Fortify etc)
Familiarity with Systems Security Engineering (SSE) documentation (e.g. Cybersecurity Strategies, Information Support Plans, Program Protection Plans (PPPs)
Familiarity with Anti-Tamper Plans, Counterintelligence Support Plans, Integrated Threat Assessment Reports, Operations Security Plans, Continuous Monitoring Plans, Defensive Cyberspace Operations Plans, Cybersecurity Strategies, Information Support Plans, Enterprise Architecture Views and NIST SP 800-160
DoD 8570 certification for IASAE III (ISSEP, ISSAP)
Experience with Agile methodologies
Active TS/SCI clearance
Salary Range: $171,000.00 - $256,600.00The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit http://www.northropgrumman.com/EEO. U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.