Start your future with a new mission: Northrop Grumman Enterprise Services (NGES). As a part of the NGES Team, you will work with experts throughout the enterprise that develop systems and solutions to keep our world safe. Together we protect our troops, public safety, information, and our planet. It's unique work. It's challenging and rewarding. But most of all, it's work that makes a difference. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work, and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. Join us and launch your career.
Northrop Grumman's Enterprise Services Information Assurance support team is seeking a Cyber Information Assurance Analyst to join the Information Security team in Roy, UT. Learn more about the GBSD program here.
The Cyber Security organization has overall responsibility for providing information security oversight to all Northrop Grumman classified systems under their respective purview. This specific position will be required to perform security functions pertaining to JSIG-compliant endpoint protection builds using leading COTS malicious content detection, prevention and eradication suites of tools. This includes supporting the use of DISA Approved AV suites of products, SCCM, WSUS, Satellite Server, and other agents to ensure the secure operation of endpoint protection software. These activities include ensuring that the protection of endpoints from malicious software is implemented and managed effectively to satisfy JSIG requirements for ATO, satisfying any POA&Ms, and ensuring that compliance is maintained on an ongoing basis.
Daily work includes:
• maintain security agents,
• manage close-to-real time monitoring systems,
• ensure that automated updates and reporting performance is optimized,
• review and validate data collected and results with the SOC, Analysts and system owners, and
• assess criticality of alerts.
Responsibilities will include, but are not limited to:
• Support and perform initial installation(s) and/or reconfiguration of endpoint protection agents for both Linux and Windows workstations, VDI images, physical and virtual servers, management and data aggregation consoles in all security domains to meet expected operations
• Partner with system administrators to ensure agents are installed correctly, and OS and related changes do not interfere with or degrade the operation of any agents
• Maintain each endpoint agent and its associated, closely-integrated management console for the life of the program
• Validate signatures are automatically updated, transferred and ingested into appropriate management consoles for incorporation into endpoint agents
• Ensure that each agent reports all incidents and events to the SIEM, either directly or through its management console. Additionally, verify that the SIEM/Cognizant analysts understand the data that has been provided
• Maintain technical expertise in all areas of agent-based software and its interconnection to the consoles, and ensure that all endpoints are continuously and effectively monitored in each security domain
• Identify and elevate potential cost savings and optimization solutions, with special focus on all current-usage and future-based communications requirements
• Prepare and verify that appropriate vulnerability documentation exists, including CONOPS and technology/solution ATO package preparation support and maintenance
• Coordinate third-party maintenance for content detection and mitigation systems
• Act in the capacity of subject matter expert and be sought after for your complete understanding and wide application of technical principles, theories, and concepts in the field, as well as general knowledge of other related disciplines
The successful applicant will demonstrate the ability to work in a team environment with security professionals, system administrators and computer/facility organizations and support design, test and development engineering customers.
To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below:
• Bachelor's degree and 9 years of ISSO experience using RMF or related experience; Master's degree and 7 years; or Ph.D. and 4 years. In lieu of a Bachelor's degree, one year of relevant experience may be substituted for each year of the 4 required years of education.
• Active DOD Secret clearance and ability to maintain the clearance
• Ability to be cleared to special access programs (SBI within the last 5 years)
• DOD 8570 training and certifications (IAT or IAT Level II certification) or ability to obtain certifications within 6 months
• Knowledge of leading COTS malicious content detection, prevention and eradication suites of tools
• Multi-tasking ability with good communication skills; both verbal and written are a must
Candidates with these desired skills will be given preferential consideration:
• Experience using leading COTS malicious content detection, prevention and eradication suites of tools
• Knowledge of JSIG, the Classified Overlay, NIST SP 800-53 R4 (R5)
• Knowledge of classified network design principles, operating systems, CVE and related guidance associated with scanners and vulnerability analysis and remediation
• Strong written and verbal communication skills
• Proficient project management skills
• Ability to work in a fast-paced environment
• Willingness to work after hours and weekends as required
• Active Top Secret DOD security clearance
Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.