Category: Information Technology
Location: Roy, Utah
US Citizenship Required for this Position: Yes
Clearance Type: Top Secret
Telecommute: No -Teleworking not available for this position
Shift: 1st Shift
Travel Required: Yes, 10 % of the Time
Positions Available: 1
Connect and protect the world with a career securing the networks across our various state-of-the-art programs. Northrop Grumman is currently searching for self-motivated team players ready to transform the future of technology and defense by using their skills to solve our toughest challenges in the most innovative ways. From Day One you will use your experience to work alongside experts in effectively communicating, analyzing workflow, establishing priorities as well as supporting critical infrastructure across all our products. If you work well under pressure and are ready to take the next step in your career, come start Defining Possible with us. Northrop Grumman provides opportunities for you to own your career growth through Diversity, Equity, and Inclusion, Women in Technology, Operation Impact, and Skillbridge Veteran Intern initiatives that allow you to network across the organization, volunteer in our community, and build your technical and soft skills. Together we are building a culture that values diversity and creates a space of belonging for all our team members. We believe that investing in your success is an investment in our customers and our nation.
Northrop Grumman Enterprise Services is seeking a Principal Cyber Information Assurance Analyst. This position will be located in Roy, UT and will support the Ground Based Strategic Deterrent (GBSD) program. Learn more about the GBSD program here.
The Cyber Security organization has overall responsibility for providing information security oversight to all Northrop Grumman classified systems under their respective purview. This specific position will be required to perform and lead projects supporting vulnerability assessment security functions inside a cloud environment.
Let's talk about you:
• have an inquisitive personality that always wants to learn?
• think systematically, achieve purposefully, and speak diplomatically?
• enjoy taking technical concepts and applying them to the business?
• love working collaboratively to enhance the company's cybersecurity posture?
• enjoy leveraging and integrating the latest cybersecurity tools?
• understand risks, threats and vulnerabilities?
• think in terms of confidentiality, integrity, and availability?
• have an acute attention to detail?
• excel in learning things quickly and thoroughly?
• love to continually learn both on the job yet earn technical certifications?
• transform ambiguity into focused, productive, impactful outcomes?
• understand the value of data and systems, and the critical role cybersecurity plays in an organization?
If you want to work on a team where your input matters, your get to work with sharp colleagues with whom you'll grow, where your work is truly valued and you make a real difference, then you'll be in good company.
What You'll Get To Do:
Perform assessments of systems and networks within the networking environment or enclave and identify where those systems and networks deviate from acceptable configurations, enclave policy, or local policy. This is achieved through passive evaluations such as compliance audits and active evaluations such as vulnerability assessments. Establishes strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems. Includes support of process, analysis, coordination, security certification test, security documentation, as well as investigations, software research, hardware introduction and release, emerging technology research inspections and periodic audits. Assist in the implementation of the required government policy (i.e., NISPOM, DCID 6-3), make recommendations on process tailoring, participate in and document process activities. Perform analyses to validate established security requirements and to recommend additional security requirements and safeguards. Support the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results and preparation of required reports. Document the results of Certification and Accreditation activities and technical or coordination activity and prepare the system Security Plans and update the Plan of Actions and Milestones POA&M. Periodically conduct a complete review of each system's audits and monitor corrective actions until all actions are closed.
As a full-time employee of Northrop Grumman Space Systems, you are eligible for our robust benefits package including:
• Medical, Dental & Vision coverage
• Educational Assistance
• Life Insurance
• Employee Assistance Programs & Work/Life Solutions
• Paid Time Off
• Health & Wellness Resources
• Employee Discounts
This position's standard work schedule is a 9/80. The 9/80 schedule allows employees who work a nine-hour day Monday through Thursday to take every other Friday off. UTSPACE
What we expect: (We expect a lot. Most importantly, we want to work with awesome team players who are humble, hungry, and people smart. Please consider applying even if you don't feel you're a 100% fit.)
You'll Bring These Qualifications: • HS Diploma/GED plus 11 years of relevant work experience OR 9 years of applicable work experience with an Associate's Degree OR 5 years of experience with a Bachelor's Degree OR 3 years with a Master's Degree OR 0 years with a PHD may also be considered
• US Citizenship with an Active Top Secret Clearance or higher (awarded within the past 5 years)
• Ability to obtain and maintain Special Access Program (SAP) access
• Cyber Security Experience
• IT/Infrastructure Experience These Qualifications Would be Nice to Have:
• Experience working in a team environment with security professionals, system administrators and computer/facility organizations.
• Experience supporting design, test and development engineering customers.
• Experience in project management, security/information software development, cyber security monitoring and IT systems, web development, or user interface development
• Working knowledge and understanding of auditing, vulnerability scanning/remediation, and implementation of Risk Management Framework.
• Possess excellent verbal and written communication skills to produce coherent and concise documentation required for certification evaluation.
• Ability to prioritize and execute tasks in a collaborative team environment within schedules and timelines
• Current DOD 8570 IAM Level I security certification (Examples: Security +CE)
• Experience with: Agile, SAFE, Certified Scrum Master, CISSLP, CompTIA A+, Security+, PMP, AWS Solutions Architect, CEH, CISM, CISSP, CISA. SSCP
Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit U.S. Citizenship is required for most positions.