Principal Information Security Engineer

Northrop Grumman Annapolis Junction, MD
How do cyber terrorists get past the industries best? They don't. There are too many of us fighting virtual threats, protecting enterprises and entire countries from large-scale attacks. If you are the sort of person who loves a challenge and likes to be involved in serious organizational and software change -- Then this is without a doubt one of the most interesting and exciting times to join an organization like ours. The culture is one of excellence; team work, learning, delivered value and people. We are looking for people who love to learn and take initiative to really make this happen.

Northrop Grumman Mission Systems is seeking a Cyber Security Engineer 5 to join our team of qualified, diverse employees located at Annapolis Junction, MD to serve as the Information Systems Security Engineer (ISSE).

Roles and Responsibilities:

The Information Systems Security Engineer (ISSE) shall perform, or review, technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies. Validates and verifies system security requirements definitions and analysis and establishes system security designs. Designs, develops, implements and/or integrates IA and security systems and system components including those for networking, computing, and enclave environments to include those with multiple enclaves and with differing data protection/classification requirements. Builds IA into systems deployed to operational environments. Assists architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application of Agency security policy and enterprise solutions. Supports the building of security architectures. Enforce the design and implementation of trusted relations among external systems and architectures. Assesses and mitigates system security threats/risks throughout the program life cycle. Contributes to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations. Reviews and/or develops certification and accreditation (C&A) documentation, providing feedback on completeness and compliance of its content. Applies system security engineering expertise in one or more of the following to : system security design process; engineering life cycle; information domain; cross domain solutions; commercial off-the-shelf and government off-the-shelf cryptography; identification; authentication; and authorization; system integration; risk management; intrusion detection; contingency planning; incident handling; configuration control; change management; auditing; certification and accreditation process; principles of IA (confidentiality, integrity, non-repudiation, availability, and access control); and security testing. Support security authorization activities in compliance with Agency Information System Certification and Accreditation Process (NISCAP) and DoD Information Assurance Certification and Accreditation Process (DIACAP) process, the NIST Risk Management Framework (RMF) process, and prescribed Agency business processes for security engineering.

NGCIMSMD

Basic Qualifications:

* 14 years of experience with cyber security engineering

* DoD 8570 compliance with IASAE Level 3 to include both Information Systems Security Engineering Professional (ISSEP) and CISSP Certifications

* Experience with MPO C&A process/workflow

* Experience implementing security policies and controls in accordance with NIST RMF and MPO business processes for security engineering

* Experience developing/updating C&A documentation

* Virtualization experience

* Security scanning (Nessus)

* Network, CentOS, and Windows security understanding

Education: Bachelor's Degree in Information Science, Computer Engineering, Computer Science, Math, or related discipline from an accredited college or university is required

Security Clearance: Active TS/SCI with polygraph is required.

Preferred Qualifications:

* In-depth knowledge of corporate audit storage and asset management/malware protection services

* In-depth knowledge of corporate access control systems

Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.

Similar jobs you might like