Sr Principal Cyber Architect - Network Security Engineer SME (25-123)

About the position

At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. Northrop Grumman Space Systems-Launch and Missile Defense Systems has an exciting career opportunity for a Sr Principal Cyber Architect - Network Security Engineer SME (25-123) to join our team of qualified, diverse individuals. This position, located in Colorado Springs, CO., plays a crucial role in our mission to support the U.S. president, secretary of defense, and combatant commanders at strategic, regional, and operational levels. The Command and Control, Battle Management, and Communications (C2BMC) program integrates the Missile Defense System. It is a vital operational system that enables the U.S. president, secretary of defense, and combatant commanders at strategic, regional, and operational levels to systematically plan ballistic missile defense operations, to see the battle develop collectively, and to dynamically manage designated networked sensors and weapons systems to achieve global and regional mission objectives. C2BMC supports a layered missile defense capability that enables an optimized response to threats of all ranges in all phases of flight. C2BMC is the force multiplier globally and regionally, networks, integrates, and synchronizes autonomous sensor and weapon systems and operations to optimize performance. C2BMC is integral to all system ground and flight tests, which verify and exercise all current and future missile defense system capabilities. In this role, the candidate will serve as the Network Security Engineering SME who will lead the development, implementation, and management of the C2BMC Enterprise infrastructure's cybersecurity posture. As a key member of our Network and Enterprise Services (NES) team, you'll leverage your expertise to design, develop, and deploy solutions utilizing automation tools, ensuring the highest level of security and compliance. Excellent communication skills are essential, as you'll collaborate with agile teams, stakeholders, and customers to track cyber compliance, generate reports, and develop plans to enhance the system's cyber posture. Based in Colorado Springs, CO, with occasional travel to alternate work locations, this role offers a unique opportunity to impact the security and integrity of our systems significantly.

Responsibilities

• Will plan, deploy, integrate, and test cybersecurity upgrades to the C2BMC network at operational sites
• Will be the primary POC for all external communication relating to the C2BMC infrastructure cybersecurity, including other Agile teams, Key stakeholders, and the customer
• Advise and help plan security design with the department's Chief Engineer and Architect
• Expected to develop and implement department-level security procedures
• Expected to write, brief, and document POAM/Risk acceptance documents
• Develop and train other engineers
• Collaborate with Cyber department leadership and requirements team to ensure cross-department security design compliance
• Review releases for cyber compliance
• Create standards for the teams to develop and maintain the highest standard of excellence for cybersecurity
• Generate KPIs with targets and identify metrics to measure progress towards these goals properly
• Automate as much as possible
• Work to address all CTOs, IAVAs, BODs, or directives that apply to the infrastructure

Requirements

• Bachelor's Degree in a Cybersecurity, Computer Science, Engineering, Mathematics, or related discipline preferred from an accredited university and 8 years of related experience, or a Master's degree in a related discipline and 6 years of experience, or 12 years of related experience instead of a degree may be considered
• Applicants must have a current active in-scope DoD-issued Secret security clearance at the time of application, which is required to start with the ability to obtain TS/SCI clearance
• DoD 8140 certification at IAT Level II or higher (Security+ CE, CASP+CE, CND, CySA+, GICSP, GSEC, SSCP, CCNA Security, etc.) is required
• Must be able to travel to alternate work locations, such as Schriever Space Force Base, to execute job duties such as deployments
• Must understand the networking theory and technologies such as OSI Model, TCP/IP, VLANs, Switches, Routers, Firewalls, etc.
• Must be an effective communicator with excellent writing and presentation skills using Microsoft PowerPoint and Visio drawing tools
• Must be familiar with and be able to apply industry-standard security guidance (NIST, IEEE, etc.)
• Must be able to work collaboratively in a team environment with other highly motivated network and system engineers
• Expert knowledge of security design, development, and testing methodologies
• Expert in application of standard DOD security practices such as STIG compliance and System accreditation implementation efforts
• Experience with coding languages and automation tools like Python, Ansible, Java, etc.
• Experience with VMware NSX, SDWAN, Juniper JUNOS, Software-defined networking
• Developing SPIs, tracking other metrics, and creating reports
• Experience with containers, binary, & artifact management and RHEL
• Experience in a DoD Environment

Nice-to-haves

• Current and Active in-scope DoD-Issued TS/SCI clearance is highly desired
• Prior C2BMC experience

Benefits

• Health Plan
• Savings Plan
• Paid Time Off
• Education Assistance
• Training and Development
• Flexible Work Arrangements