Classified Cybersecurity Analyst 3/4 - Top Secret
Northrop Grumman - Redondo Beach, CA
posted 5 months ago
About the position
At Northrop Grumman, we are seeking a Cybersecurity Analyst to join our team in Redondo Beach, CA. This position requires a Top Secret security clearance and involves working on-site full-time. The selected candidate will play a crucial role in performing comprehensive assessments of the management, operational, and technical security controls employed within or inherited by information systems. The goal is to determine the overall effectiveness of these controls, ensuring they are implemented correctly, operating as intended, and meeting the security requirements for the system. This will involve both passive evaluations, such as compliance audits, and active evaluations, such as vulnerability assessments. The Cybersecurity Analyst will establish strict program control processes to mitigate risks and support the certification and accreditation of systems. This includes supporting processes, analysis, coordination, security certification tests, security documentation, and conducting investigations. The role also involves assisting in the implementation of required government policies, making recommendations on process tailoring, and participating in and documenting process activities. The analyst will perform analyses to validate established security requirements and recommend additional safeguards as necessary. In addition, the selected candidate will support the formal Security Test and Evaluation (ST&E) required by government accrediting authorities, which includes pre-test preparations, participation in tests, analysis of results, and preparation of required reports. The role requires documenting the results of Certification and Accreditation activities, preparing system Security Plans, and updating the Plan of Actions and Milestones (POA&M). Periodic reviews of system audits and monitoring corrective actions until all actions are closed will also be part of the responsibilities. Due to the classified nature of the work, this position does not offer any virtual or telecommute options, and applicants must be willing to work on-site.
Responsibilities
- Perform comprehensive assessments of security controls for information systems.
- Conduct compliance audits and vulnerability assessments to evaluate security effectiveness.
- Establish program control processes to mitigate risks and support system certification and accreditation.
- Assist in implementing government policies and make recommendations for process improvements.
- Participate in Security Test and Evaluation (ST&E) and document results and reports.
- Prepare system Security Plans and update the Plan of Actions and Milestones (POA&M).
- Conduct periodic reviews of system audits and monitor corrective actions.
Requirements
- Top Secret security clearance is required.
- Master's degree with 3 years of experience; OR Bachelor's degree with 5 years of experience; OR Associate's degree with 7 years of experience; OR High School Diploma with 9 years of experience.
- Active DoD 8570 IAM level II (or higher) security certification (e.g., CAP, CGRC, CASP CE, CCISO, HCISPP, CISM, GSLC, CISSP-Associate, or CISSP).
Nice-to-haves
- Master's or Bachelor's degree in Cyber Security.
- Active DoD 8570 IAM level III security certification (CISM, GSLC, CCISO, CISSP).
- Experience with Certification and Accreditation of classified systems and Risk Management Framework.
- Knowledge of ACAS, NESSUS, SPLUNK, SCAP, POA&Ms, NIST, DIACAP, NISPOM, system audits, vulnerability scanning, and RMF package development.
Benefits
- Disability insurance
- Relocation assistance
- Health insurance
- Paid time off
- 401(k) matching
