Northrop Grumman Information Systems Security Engineer in Annapolis Junction, Maryland
Information Systems Security Engineer
Requisition ID: 18004777
Location(s): United States-Maryland-Annapolis Junction
US Citizenship Required for this Position: Yes
Relocation Assistance: Relocation assistance may be available
Travel: Yes, 10 % of the Time
Northrop Grumman Mission Systems is seeking a Cyber Security Engineer to join our team of qualified, diverse individuals located at Annapolis Junction, MD.
Roles and Responsibilities:
• Ensuring that the appropriate operational security posture is obtained, monitored, and maintained for multiple mission information systems throughout their lifecycle. Must possess in-depth knowledge and understanding of the intent of the DCID 6/3, NIST 800-53 and CNSS 1253 security controls required to obtain, manage, and monitor all security aspects of an information system from cradle-to-grave. Candidate is required to coordinate the day-to-day security operations of the information systems with System Administrators, System Engineers, Software Distribution, Patch Management, and Sustainment Teams. Position serves to interpret and develop security policies, provide mentorship and guidance to other security engineers, lead security meetings, gather and report program IT security metrics, and serve as the program ISSO/ISSE representative at key stakeholder meetings with customer representatives.
• Providing system vulnerability testing using COTS and GOTS based tools, and generate security finding reports. Must be able to build NIST 800-53 and CNSS 1253 security control test cases.
• Responsibilities will include; but are not limited to:
• Reviewing, analyzing and documenting the secure implementation of logical controls, physical controls, environmental controls, personnel security, incident handling, security relevant changes, continuous monitoring activities, audit log review, analysis and reporting.
• Additionally, the candidate is responsible to develop SOPs and provide security training and awareness of the Information System to both privileged and non-privilege users.
• Minimum 5 years in a technical role, providing technical expertise for software intensive projects and programs for Government or Industry customers
• Minimum 3 years as a Security Engineer supporting software architecture development.
• Possess at least 3 years experience performing day-to-day ISSO responsibilities with at least 4 years of experience within the IC community managing and maintaining SSP’s within Xacta.
• Apply current computer science technologies and IA requirements to the analysis, design, development, evaluation, and integration of computer/communication systems and networks to maintain an acceptable system security posture throughout the lifecycle of multiple national level mission systems.
• Coordinate and work with various system stakeholders to determine the applicable security/IA requirements based on the intent of the NIST 800-53, CNSS 1253 and DCID 6/3 security requirements.
• Proven ability to manage and maintain System Security Plans (SSPs) from inception through decommissioning following the NSA Risk Management Framework process within Xacta for national level mission systems.
• Coordinate with program management and other stakeholders to track and maintain risks associated with multiple mission Information Systems to ensure compliance with all IA requirements and national level directives.
• Knowledge in Multi-level Security/Cross Domain systems and operations with special requirements such as Program Protection, Anti-Tamper, Red/Black Separation and OPSEC are assets.
• Experience in the management and maintenance of systems required to satisfy the Certification and Accreditation requirements under the NIST 800-37, NIST 800-53, DCID 6/3, and the CNSS 1253 is highly desired.
• Experience with analysis, disposition, and evaluation of both hardware and software in support of Intelligence Community (IC), Department of Defense, in addition to Federal Sector Government Agencies.
• Experience with any of the following COTS security tools: Nessus, Nmap, AppScanner.
• Certification: Current in at least one of the following 8570 IAT Level III certifications: CASP, CISSP, CISA, GCED, GCIH or GSEC
• Knowledge in Multi-level Security/Cross Domain systems and operations with special requirements such as Program Protection, Anti-Tamper, Red/Black Separation and OPSEC are assets
Bachelor’s Degree in Computer Science, Systems Engineering, Information Assurance, or related discipline from an accredited college or university is required Four (4) years of additional software engineering experience on projects with similar software processes may be substituted for a bachelor’s degree.
Security Clearance: Active TS/SCI with Polygraph is required.
Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO . U.S. Citizenship is required for most positions.
Title: Information Systems Security Engineer
Location: Maryland-Annapolis Junction
Requisition ID: 18004777