Northrop Grumman - Aurora, CO

posted 4 months ago

Full-time - Mid Level
Remote - Aurora, CO
10,001+ employees
Computer and Electronic Product Manufacturing

About the position

At Northrop Grumman, we are seeking experienced Information Systems Security Professionals to join our team in Aurora, Colorado. This position is critical in supporting our information systems lifecycle activities, particularly in the context of cybersecurity. As a member of our team, you will be at the forefront of protecting our cyber assets from a wide spectrum of threats that are constantly evolving in sophistication and speed. You will perform assessments of systems and networks within the networking environment or enclave, identifying deviations from acceptable configurations, enclave policy, or local policy. Your role will involve establishing strict program control processes to ensure risk mitigation and support the certification and accreditation of systems. This includes a variety of tasks such as process analysis, security certification testing, documentation, and conducting periodic audits. You will assist in implementing required government policies, making recommendations on process tailoring, and participating in and documenting process activities. Your analyses will validate established security requirements and recommend additional safeguards as necessary. You will also support the formal Security Test and Evaluation (ST&E) required by each government accrediting authority, which includes pre-test preparations, participation in tests, analysis of results, and preparation of required reports. Additionally, you will document the results of Certification and Accreditation activities and prepare system Security Plans, updating the Plan of Actions and Milestones (POA&M) as needed. Periodically, you will conduct complete reviews of each system's audits and monitor corrective actions until all actions are closed. This position requires a commitment to working on-site due to the classified nature of the work. 
We are looking for individuals who are ready to solve complex problems in a dynamic environment and who are willing to contribute to our mission of defining what is possible in cybersecurity. The role may be filled at either the Principal level (Level 3) or the Senior Principal level (Level 4), depending on the applicant's qualifications and experience.

Responsibilities

  • Perform assessments of systems and networks within the networking environment or enclave.
  • Identify deviations from acceptable configurations, enclave policy, or local policy.
  • Establish strict program control processes to ensure risk mitigation.
  • Support obtaining certification and accreditation of systems.
  • Conduct process analysis, security certification testing, and documentation.
  • Participate in and document process activities.
  • Validate established security requirements and recommend additional safeguards.
  • Support formal Security Test and Evaluation (ST&E) required by government accrediting authorities.
  • Document results of Certification and Accreditation activities and prepare system Security Plans.
  • Update the Plan of Actions and Milestones (POA&M).
  • Conduct complete reviews of each system's audits and monitor corrective actions.

Requirements

  • Master's degree with 3 years of experience; OR a Bachelor's degree with 5 years of experience; OR an Associate's degree with 7 years of experience; OR a High School Diploma/GED with 9 years of experience is required for Level 3.
  • Must have a DoD 8570 IAM level II (or higher) security certification (examples: CAP, CASP+ CE, CCISO, HCISPP, CISM, GSLC, CISSP-Associate, or CISSP).
  • Candidates must have a current DoD Top Secret level security clearance, including SCI access level eligibility based on a closed investigation date completed within the last 6 years, or must be enrolled in the DoD Continuous Evaluation (CE) Program.
  • Candidates must have the ability to obtain and maintain a Polygraph as a condition of continued employment.
  • Candidates must have the ability to obtain and maintain access to Special Programs as a condition of continued employment.
  • For Level 4: Master's Degree with 7 years of experience; OR a Bachelor's Degree with 9 years of experience; OR an Associate's Degree with 11 years of experience; OR a High School Diploma/GED with 13 years of experience is required.
  • Must have a current DoD 8570 IAM level III security certification (CISM, GSLC, CCISO, CISSP).

Nice-to-haves

  • Bachelor's degree in Cybersecurity.
  • DoD 8570 IAM level III security certification (CISM, GSLC, CCISO, CISSP).
  • 10 years of experience with Certification and Accreditation of classified systems and Risk Management Framework.
  • Knowledge of ACAS, Nessus, Splunk, SCAP, STIG, POA&Ms, NIST, DIACAP, JSIG, DAAPM, NISPOM, system audits, vulnerability scanning, and RMF package development.
  • Familiarity with the NIST 800 family including NIST 800-37 and NIST 800-53.
  • Familiarity with researching and evaluating CVE/CVSS to identify, assess, and manage risk from threats and vulnerabilities.
  • Familiarity with Windows and Linux environments.
  • Familiarity with cloud environments and accreditation.
  • Active Top Secret/SCI with SAP/SAR access and a recent Polygraph adjudicated within the last 5 years.

Benefits

  • Health insurance coverage
  • Life and disability insurance
  • Savings plan
  • Company paid holidays
  • Paid time off (PTO) for vacation and/or personal business
  • 401k matching program
  • Flexible work arrangements
  • Phenomenal learning opportunities
  • Exposure to a wide variety of projects and customers
  • Friendly team environment