Northrop Grumman Mission Systems is seeking a Cyber Security/Information Assurance Engineer 3/4 to join the Resilient Network Solutions (RNS) operating unit to support the Battlefield Airborne Communication Node (BACN) program as the Cyber Integrated Product Team (IPT). As part of Northrop Grumman's business focus area on Communications, RNS provides world-class communications with a range of capabilities spanning from quick reaction/urgent need programs to complex communication integration efforts. Our BACN program is the leading supplier of airborne networks, providing flexible content delivery solutions for C2, ISR and disaster relief customers worldwide.
Work performed in San Diego, CA with the possibility of up to 10% travel (CONUS & OCONUS)
Roles & Responsibilities:
The Information Assurance System Architect and Engineer (IASAE) will ensure security is considered and designed from concept to code to operational deployment of the BACN system. The IASAE will make sure that the IA related information system will be functional and secure within the computing and networking environment. In addition, the IASAE must obtain and maintain an IA baseline certification appropriate to position.
Responsible for ensuring that appropriate security controls are defined and for assisting the Government in their efforts to assess risk and implement adequate information technology security measures.
Provide engineering support to security/certification test and evaluation activities; ensure security deficiencies identified during security/certification testing have been mitigated, corrected, or a risk acceptance has been obtained by the authorized representative.
Receive CTE report, as and when appropriate, regarding the results of risk management reviews and assessments from the BACN Cyber team, CCB/CRB Audit, or other internal departments as necessary to fulfill duties and responsibilities.
Discuss with management and the IAM/ISSM the Governments major risk exposures and review the steps Management/CCB/CRB/PE has taken to monitor and control such exposures, including the Governments risk assessment and risk management policies.
Review existing security standards and practices among the various DODI policies to determine whether those standards and practices are enforced and meet FISMA NIST and DODI wide security requirements.
Compliance verification of Defense Information Systems Agency (DISA) Secure Technical Implementation Guides (STIGs), Service security alerts and bulletins, and DISA/DoD standards.
Identify, assess, and recommend IA or IA-enabled products for use within BACN; ensure recommended products are in compliance with the DoD evaluation and validation requirements.
Document system security design features and provide input to implementation plans and standard operating procedures.
Provide input to Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and training materials).
There is the expectation that the hired candidate has the ability to provide recommendations for improvements and enhancements of platforms, systems and labs. A qualified candidate must be able to work in a dynamic and fast paced team environment and provide mentorship and guidance to junior team members.
This requisition may be filled at a higher grade based on the qualifications listed below.
This requisition may be filled at a level 3 or 4.
Typical Minimum Education / Experience:
Level 3: 5 Years with Bachelors in Science; 3 Years with Masters; 0 Years with PhD.
Level 4: 9 Years with Bachelors in Science; 7 Years with Masters; 4 Years with PhD
Bachelors of Science in Computer Information Systems, Systems Engineering or other STEM degree
A minimum of one IAW DoD 8570.01-M certificate at Level II for IASAE is required
9 years of systems engineering experience with an IA background
DoD Risk Management Framework experience, to include documentation.
Candidate should have good interpersonal skills and be willing to work on a team project
Must have active Secret Security Clearance
DoD 8500-series and 8510.01 policy directives, approaches to cyber security, knowledge of security procedures, IATO and ATO requirements
RMF (documentation) and Risk Management Framework experience
4 years experience with communication systems and able to work in a quick reaction program environment
Experience with Battlefield Airborne Communications Node (BACN)
Prior leadership experience of a team of Cyber engineers is preferred.
Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.