Principal Cybersecurity Analyst – JEMINI Security Test Engineer (24-370)

Posted:
10/9/2024, 8:26:08 AM

Location(s):
Colorado Springs, Colorado, United States ⋅ Colorado, United States

Experience Level(s):
Senior

Field(s):
IT & Security

Workplace Type:
On-site

RELOCATION ASSISTANCE: No relocation assistance available

CLEARANCE TYPE: Top Secret

TRAVEL: Yes, 10% of the Time

Description

At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work — and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history.

Northrop Grumman Space Systems – Launch and Missile Defense Systems has an exciting career opportunity for a Principal Cybersecurity Analyst – JEMINI Security Test Engineer (24-370) to join our team of qualified, diverse individuals. This position will be located at Schriever Space Force Base, Colorado Springs, CO.

Position Overview:

The Command and Control, Battle Management, and Communications (C2BMC) program integrates the Missile Defense System. It is a vital operational system that enables the U.S. president, secretary of defense, and combatant commanders at strategic, regional, and operational levels to systematically plan ballistic missile defense operations, to see the battle develop collectively, and to dynamically manage designated networked sensors and weapons systems to achieve global and regional mission objectives. C2BMC supports a layered missile defense capability that enables an optimized response to threats of all ranges in all phases of flight. C2BMC is the force multiplier that globally and regionally networks integrate, synchronizing autonomous sensor and weapon systems and operations to optimize performance. C2BMC is integral to all system ground and flight tests, which verify and exercise all current and future missile defense system capabilities.

Essential Functions:

  • Strong knowledge of information assurance technology and DoD cybersecurity certification requirements, including hands-on experience in a broad range of information assurance operations-related functions and technologies.
  • Demonstrated experience in DoD operational computing environments and possess the ability to work as part of an integrated cybersecurity team tasked with designing, engineering, testing, certifying, and delivering a secure and global Ballistic Missile Defense System (BMDS) communications system.
  • Excellent interpersonal skills and a demonstrated ability to support complex organizational relationships are required.
  • Excellent technical document preparation skills and verbal communication to present technical cybersecurity issues and reports to senior government and military officials.
  • Develop and utilize a program-level Cyber Test Plan that outlines how testing will be performed from patches, CTOs, and applied STIG settings to ensure system functionality is not degraded.
  • The Test Plan should be able to span two different environments at differing classifications.
  • Develop and utilize a test artifact template to be used during testing that outlines what patches, STIG settings, or CTOs that are involved in the functional test and outcomes due to the test event.
  • Develop and utilize a Security Test and Evaluation (ST&E) for Windows and RHEL operating systems ensuring all STIG and security controls are operating as intended.
  • Coordinate with on-site cybersecurity, system administration, network administration, and Test personnel on installing patches and testing to rectify vulnerabilities identified through vulnerability scanning techniques.
  • Develop a tracking mechanism and Plan of action and milestones when patches and STIG settings can't be applied as required during mandated timeframes.
  • Utilization of automated security configuration tools (e.g., ConfigOS) to scan and test STIG configurations

Basic Qualifications:

Please note your updated security clearance and IAT/relevant certifications on your resume, if applicable.

  • An active Top Secret clearance is required to start.
  • 5 years with a Bachelor’s degree in an Engineering-related field; 9 years experience instead of a degree.  Or 3 years with a Master’s degree in an Engineering-related field.
  • Must possess a DoD 8140 certification at IAM – Level II or higher (Security+, GSEC, SCNP, SSCP, CISSP, CAP, CASP+CE, CISM, CISA, GSE, SCNA)
  • Must have a working knowledge of eMASS, JOINT SPECIAL ACCESS PROGRAM (SAP) IMPLEMENTATION GUIDE (JSIG), Common Criteria, and National Information Assurance Partnership (NIAP).
  • Develop and institute test plans and provide unit-level release testing.
  • Test responsibility will involve integration, verification testing, system testing, and field testing, ensuring security patches and STIG security configurations are operating as intended and do not degrade the functionality of the system.
  • Security engineering skills with an in-depth knowledge of cybersecurity technology and security control requirements.
  • Excellent technical document preparation skills and verbal communication to present technical information assurance issues and reports to senior management.
  • Solid RHEL, Windows, networking, and firewall security configuration experience. Includes a strong understanding of Security Technical Implementation Guides (STIGS) and the development of security control testing documentation.
  • Experience with security products such as vulnerability scanning, network assessment tools, and automated security configuration tools (e.g., ConfigOS).
  • Demonstrated experience in:
    • Security Architecture design
    • Security Audit tools
    • Security requirements generation
    • Security testing
    • Administration of security devices (e.g., firewalls and intrusion detection systems)
    • TCP/IP.

Preferred Qualifications:

  • Network design, software engineering backgrounds, and use of static code analysis tools are a plus.
  • Travel is potentially required between Colorado Springs, Colorado, and Huntsville, Alabama, to support meetings and work with distributed cybersecurity personnel.

What We Can Offer You:

Northrop Grumman provides a comprehensive benefits package and a work environment that encourages your growth and supports the mutual success of our people and our company. Northrop Grumman benefits give you the flexibility and control to choose the benefits that make the most sense for you and your family. Your benefits will include the following:

  • Health Plan
  • Savings Plan
  • Paid Time Off
  • Education Assistance
  • Training and Development
  • Flexible Work Arrangements

https://benefits.northropgrumman.com/us/en2/BenefitsOverview/Pages/default.aspx

NGSpace

COSpace

NGFeaturedJobs

C2BMC

Additional Northrop Grumman Information:

Salary Range: $97,500.00 - $146,300.00

The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.

Employees may be eligible for a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.

The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.

Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit http://www.northropgrumman.com/EEO. U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.

Northrop Grumman

Website: https://northropgrumman.com/

Headquarter Location: Falls Church, Virginia, United States

Employee Count: 10001+

Year Founded: 1994

IPO Status: Public

Last Funding Type: Grant

Industries: Data Integration ⋅ Manufacturing ⋅ Remote Sensing ⋅ Security ⋅ Software