Northrop Grumman RMF Cyber Systems Engineer 2 or 3 in Orlando, Florida
RMF Cyber Systems Engineer 2 or 3
Requisition ID: 18005572
Location(s): United States-Florida-Orlando
US Citizenship Required for this Position: Yes
Relocation Assistance: Relocation assistance may be available
Travel: Yes, 25 % of the Time
Northrop Grumman Mission Systems is looking for a RMF Cyber Systems Engineer to join our team in Orlando, FL.
The Cyber Systems Engineer will provide expertise in the implementation of Department of Defense (DoD) Risk Management Framework (RMF) in accordance with DoDI 8510.01.
• Provide analysis, and security assessments to ensure compliance with National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, CNSSI 1253, and DoD RMF Knowledge Service guidance.
• Support the development of RMF documentation such as Plans, Policies, and procedures.
• Support execution or assessment of RMF control test procedures and perform artifact/evidence mapping
• Maintain vulnerability management plan
• Develop content for submission to the government via eMASS to obtain or maintain an package for a RMF based ATO
• Support the continuous assessment of Security Control compliance for the program
• Creates milestones, metrics and monitors adherence to Vulnerability resolution plans and CDRL schedules, identifies problems and obtains solutions, such as allocation of resources or adapting to changing contractual specifications.
• Create Plan of Action and Milestones (POA&M) for remediation and non-compliance activities. Monitor execution of POA&M. Support developing risk acceptance mitigations and reasoning as necessary.
• Communicate clearly and effectively with the development team and management.
• Develop and maintain service level agreements (SLA)
• Provide Cyber Security Impact Assessments (CIE) for introduction of new technologies or products into a system. This activity may involve reviewing drafts by others, or directly creating CIEs.
• Over time, grow and develop into RMF Expert with the ability to perform responsibilities with minimal supervision and assistance.
A qualified candidate must be able to work in a dynamic and fast paced team environment.
Up to 25% TRAVEL
M-F, 9/80 work schedule available
This requisition may be filled at a higher grade based on qualifications listed below.
This position may be filled at the Level 2 or Level 3
• Education/Experience Level 2: Typical Minimum Education / Experience: 2 Years with Bachelors in Science; 0 Years with Masters / an additional 4 years of experience can be substituted for degree requirement
• Education/Experience Level 3 : Typical Minimum Education / Experience5 Years with Bachelors in Science; 3 Years with Masters; 0 Years with PhD./ an additional 4 years of experience can be substituted for degree requirement
• Must be able to obtain DoD 8570 Certification for IAM Level I or higher within two (2) months of starting (CAP, GSLC, Security CE) (reference: http://iase.disa.mil/iawip/Pages/iabaseline.aspx for list of qualified certifications).
o NOTE: Education assistance may be available to assist in completion of certification once employment starts.
• Must be a US citizen and obtain an interim secret security clearance within 6 months of starting
• 1 years of systems engineering/systems administration type experience
• DIACAP or RMF (documentation) experience in either practical or educational settings
• Must have practical work experience creating policies or procedures to comply with NIST SP 800-153 controls
• Must have practical work experience developing artifacts and collecting evidence in response to CCI or RMF controls to demonstrate compliance
• Must have practical work experience developing and managing a POA&M for an enclave
• Must have practical work experience performing assessments of RMF controls for an ATO
• Must have experience implementing DISA STIGs or reviewing technical STIG checklists
• Must possess a technical background with sufficient skills and knowledge to interpret and communicate with other engineers on IT systems (e.g. Basic computer networking and systems administration)
• Must possess ability to clearly articulate in writing, and be able to develop clear security guidance.
• Candidate should have good interpersonal skills and be willing to work on a team project
• DoD 8500-series and 8510.01 Cybersecurity policy directives
• Approaches to cyber security
• knowledge of security procedures
• ATO requirements
• Security CE
• Formal RMF Training
• eMASS training
• Operating System training or certifications (e.g. Microsoft MCSA for Windows Server 2012/2016 or Windows 10)
• Other technical certifications a plus
Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO . U.S. Citizenship is required for most positions.
Title: RMF Cyber Systems Engineer 2 or 3
Requisition ID: 18005572