Northrop Grumman Cybersecurity A&A Engineer (18-093) in Colorado Springs, Colorado
Northrop Grumman Corporation is a leading global security company providing innovative systems, products, and solutions in unmanned systems, cybersecurity, C4ISR, and logistics and modernization to government and commercial customers worldwide.
Northrop Grumman Mission Systems (NGMS) was selected by the U.S. Missile Defense Agency to participate on the Missile Defense National Team. This team was chartered to develop a Ballistic Missile Defense System for the United States. Missile Defense and Protective Systems (MDPS) serves as Northrop Grumman Mission Systems' focal point for all activities associated with missile defense, including Command, Control, Battle Management and Communications (C2BMC), simulation & modeling, systems engineering, and target discrimination.
We are seeking an experienced Cybersecurity Assessment and Authorization (A&A) Engineer to help support a program located in Colorado Springs, CO.
The successful candidate will have a working knowledge of 8500.2 and SP 800-53 controls to create and/or update DIACAP/RMF accreditation packages.
The candidate will be expected to communicate and work closely with process and system owners, information technology management, IA peers, Program Office technical/management staff and other C2BMC Functional Areas to ensure the relevance of architecture and system designs in implementing program IA requirements.
The majority of the A&A work will include technical documentation, working accreditation packages in eMASS, assessing IA vulnerabilities, engineering responses for system POA&Ms, conducting risk analysis for Risk Acceptance Requests (RARs) and providing IA support to C2BMC program and customer meetings.
The Cybersecurity A&A Engineer will work collaboratively on a team and reports directly to the Cybersecurity Sustainment Task lead.
The position requires security engineering skills with a working knowledge of Must have experience in the Cybersecurity Lifecycle to include: generating IA requirements, creating IA architecture design, configuring IA audit tools, conducting IA verification and performing IA compliance.
Technical document preparation and verbal communication skills are required for presentation of technical IA issues and reports to the Government, Program Management and other C2BMC Functional Areas.
Bachelor's Degree (engineering or ITrelated) and 5 years of work related experience or 3 years experience with a Masters degree or 9 years experience in lieu of a degree
Active Secret clearance is required
DoDI 8570 certification (GSEC, Security+, SCNP, SSCP) or higher.
The position requires recent hands on Assessment & Authorization (A&A) experience creating DIACAP and/or RMF accreditation packages.
The position requires a strong working knowledge of IA concepts such as patch management, two-factor authentication, host-based security, intrusion detection, security event management and defense-in-depth.
Must have experience in IA requirement generation, IA architecture design, IA audit tools and IA compliance for mission systems.
CISSP Certification is highly desirable.
Network design and software engineering backgrounds are a plus.
Desired experience hardening Windows and Linux servers and workstations in accordance with GPOs, IAVMs and STIGs.
Desired recent experience creating and updating A&A packages (DIACAP and/or RMF) with eMASS tool.
Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO . U.S. Citizenship is required for most positions.