Start your future with a new mission: Northrop Grumman Enterprise Services (NGES). As a part of the NGES Team, you will work with experts throughout the enterprise that develop systems and solutions to keep our world safe. Together we protect our troops, public safety, information, and our planet. It's unique work. It's challenging and rewarding. But most of all, it's work that makes a difference. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work, and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. Join us and launch your career.
Northrop Grumman's Enterprise Services Information Assurance support team is seeking a Cyber Information Assurance Analyst to join the Information Security team in Roy, UT. Learn more about the GBSD program here.
The Cyber Security organization has overall responsibility for providing information security oversight to all Northrop Grumman classified systems under their respective purview. This specific position will be required to perform security functions pertaining to JSIG-compliant endpoint protection builds using leading COTS suites of tools for malicious content detection, prevention and eradication. This includes supporting the use of DISA-approved AV suites of products, SCCM, WSUS, Satellite Server, and other agents to ensure the secure operation of endpoint protection software. These activities include ensuring that the protection of endpoints from malicious software is implemented and managed effectively to satisfy JSIG requirements for ATO, satisfy any POA&Ms and ensure that compliance is maintained on an ongoing basis.
Daily work includes:
• maintain security settings,
• develop L7 controls,
• validate that alerting data and related information are provided in close to real time to the SIEM,
• ensure that automated updates, signatures and reporting performance are optimized,
• review and validate data collected and results with the SOC, Analysts and system owners, and
• maintain proficiency level through regular participation in OEM specific product training classes, other relevant and ad hoc training opportunities. Specifically, complete NGFW OEM Specific product specialization classes.
Responsibilities will include, but are not limited to:
• maintain technical expertise in the use of the OEM's management console
• understand and know when to apply Layer 3 FW rules (IP Address, Port and Protocol settings) using the GUI and the CLI
• understand and know when to apply Layer 7: application inspection rules, malicious content inspection rules, development of custom rules, and the use of application learning in the development of custom rules
• understand and know when to apply limited application specific message content inspection rules (limited dirty word searches)
• perform PCAP data capture and transfer
• execute SSL/TLS Certificate integration with the HSM
• implement SAML Authentication with the AD service
• implement WAF inspection of web based traffic
• perform encrypted/decrypted traffic inspection
• utilize and integrate the NGFW with sandboxes for file testing and detonation
• Identify and elevate potential cost savings and optimization solutions with special focus on all current-usage and future-based communications requirements
• Prepare and verify that appropriate vulnerability documentation exists, including CONOPS and technology/solution ATO package preparation support and maintenance
• Coordinate third-party maintenance for content detection and mitigation systems
• Act in the capacity of subject matter expert and be sought after for your complete understanding and wide application of technical principles, theories, and concepts in the field, as well as general knowledge of other related disciplines.
The successful applicant will demonstrate the ability to work in a team environment with security professionals, system administrators and computer/facility organizations and support design, test and development engineering customers.
To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below:
• Bachelor's degree and 9 years of ISSO experience using RMF or related experience; Master's degree and 7 years; or Ph.D. and 4 years. In lieu of a Bachelor's degree, one year of relevant experience may be substituted for each year of the 4 required years of education.
• Active DOD Secret clearance and ability to maintain the clearance
• Ability to be cleared to special access programs (SBI within the last 5 years)
• DOD 8570 training and certifications (IAT or IAT Level II certification) or ability to obtain certifications within 6 months
• Knowledge of leading COTS NGFWs and their Management Consoles
• Knowledge of LAN concepts such as VLANs, subnets, and VLAN communications brokerage principles using firewalls
• Multi-tasking with good communication skills; both verbal and written are a must
Candidates with these desired skills will be given preferential consideration:
• Experience using leading COTS NGFWs and their optimal tuning and configuration
• Knowledge of JSIG, the Classified Overlay, NIST SP800-53/R4 (R5)
• Knowledge of classified network design principles, operating systems, applications and processes relating to Layer 7 rule development
• Strong written and verbal communication skills
• Proficient project management skills
• Ability to work in a fast-paced environment
• Willingness to work after hours and weekends as required
• Active Top Secret DOD security clearance
Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.