Start your future with a new mission: Northrop Grumman Enterprise Services (NGES). As a part of the NGES Team, you will work with experts throughout the enterprise that develop systems and solutions to keep our world safe. Together we protect our troops, public safety, information, and our planet. It's unique work. It's challenging and rewarding. But most of all, it's work that makes a difference. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work, and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. Join us and launch your career.
Northrop Grumman's Enterprise Services Information Assurance support team is seeking a Cyber Protection Engineer (Lead) to join the Information Security team in Roy, UT. This will support the Ground Based Strategic Deterrent (GBSD) program. Learn more about the GBSD program here.
The Cyber Security organization has overall responsibility for providing information security oversight to all Northrop Grumman classified systems under their respective purview. This specific position will be required to perform and lead projects supporting vulnerability assessment security functions. Includes delivering JSIG compliant vulnerability assessment solutions through the use vulnerability scanners, vulnerability agents, other configuration and threat identification tools and services. These activities include ensuring that the vulnerability identification and management services satisfy JSIG requirements for ATO, satisfy any POA&Ms and ensure that compliance is maintained on an on-going basis.
Responsibilities will include, but are not limited to:
• Supports, coordinates the installation and/or reconfiguration of vulnerability scanning SW (Scanners), management and data aggregation consoles.
• Coordinate and report project status with management and supervisors.
• Maintains technical expertise in all areas of scanning software, its interconnection to the consoles and ensuring that all networks, subnets, VLANs and endpoints used by the program in each security domain are understood and that the compliance requirements are met. This will involve both endpoint and network security vulnerability assessment tools.
• Supports the installation of security vulnerability agents on all workstations, VDI images, external cloud VDI like images, all virtual and physical servers .
• Supports integration of vulnerability reports from all scanners into the C&A/A&A Tool and as required, into the SIEM.
Assist in the installation and maintenance of agents on operating system as those operating systems are patched/updates and tested.
• Assist in the enablement of scanning on demand services. May configure, test and if needed support scanning to support operational needs.
• May propose solutions to management to ensure all communications requirements based on future needs and current usage, configuring such solutions to optimize cost savings.
• Prepares or ensures that appropriate vulnerability documentation exists, including CONOPS and technology/solution ATO package preparation support and maintenance.
• May coordinate third-party maintenance for vulnerability scanner systems.
• Complete understanding and wide application of technical principle, theories, and concepts in the field.
• General knowledge of other related disciplines.
The successful applicant will demonstrate the ability to work in a team environment with security professionals, system administrators and computer/facility organizations and support design, test and development engineering customers.
To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below:
• Bachelor's degree and 14 years of ISSO experience using RMF or related experience; Master Degree and 12 years; or Ph.D. and 9 years. In lieu of a Bachelor's degree, one year of relevant experience may be substituted for each year of the 4 required years of education.
• Active DOD Secret clearance and ability to maintain the clearance
• Ability to be cleared to special access programs (SBI within the last 5 years)
• DOD 8570 training and certifications (IAT, or IAT Level II certification) or ability to obtain certifications within 6-months
• Knowledge of leading COTS vulnerability assessment tools
• Knowledge of OpenSCAP vulnerability assessment tools
• Knowledge of LAN concepts such as VLANs, subnets, VLAN communications brokerage principles using Firewalls and how to run scans through them.
• Multi-tasking with good communication skills; both verbal and written are a must.
Candidates with these desired skills will be given preferential consideration:
• Experience using leading vulnerability scanning teams
• Experience using leading COTS and Open Source vulnerability scanners
• Knowledge of JSIG, the Classified Overlay, NIST SP800-53/R4 (R5)
• Knowledge of classified network design principles, operating systems, CVE and related guidance associated with scanners and vulnerability analysis and remediation
• Strong written and verbal communication skills
• Proficient project management skills
• Ability to work in fast paced environment
• Willingness to work after hours and weekends as required
• Active Top Secret DOD security clearance
Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.