Staff Cyber Systems Engineer (Oklahoma City)
Description
At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work — and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history.Please note that this opportunity is contingent on program funding. Start dates are determined after funding confirmation.
Northrop Grumman Aeronautics Systems has an opening for a Staff Cyber Systems Engineer to join our team of qualified, diverse individuals in our System Engineering organization. This position is located in Oklahoma City, OK.
In this role, you will be responsible for System Security Engineering across all phases of a system’s acquisition / development lifecycle. You will need a strong background in Program Protection, Supply Chain Risk Management, and Counterfeit Parts Prevention to be successful. You also will need experience with Cybersecurity engineering and implementations based on US Government standards, National Institute of Standards and Technology (NIST), Committee on National Security Systems Instruction (CNSSI), and Risk Management Framework (RMF) processes, policies and guidelines.
Essential Functions:
- Lead a team of Cyber Systems Engineers to perform Program Protection, manage Supply Chain Risk, and conduct supply chain vulnerability and risk assessments
- Develop/update Program Protection Implementation Plan(s), Supply Chain Risk Management (SCRM) plans, and Counterfeit Prevention Plan(s)
- Perform supply chain vulnerability and risk assessments, document findings and recommend mitigations/countermeasures
- Develop/refine Hardware/Software Bill of Materials and conduct Criticality Analysis of system components
- Monitor system changes impacted through the supply chain
- Review system vulnerability scans and mitigation reports
- Support inquiries into, and auditing of, suppliers
- This position requires knowledge and experience using systems security engineering methodologies and techniques.
- Prepare technical documents, provide briefings, attend security-related working groups, support ongoing authorization efforts including development of supporting documentation, develop procedures, and work in a fast-changing dynamic environment with minimal direction.
- Responsible for System Security Engineering (SSE) duties as assigned and to provide technical leadership in Program Protection (countermeasures), Supply Chain Risk Management, and Counterfeit Parts Prevention planning activities
- Comfortable working in an Agile Development environment.
- Interface with other cyber functional areas, internal company management and executives with a focus on effective program execution and mission assurance. Serves as a technical liaison and/or external spokesperson.
Basic Qualifications:
- Must have a Bachelors of Science degree in a STEM field and at least 12 years of relevant military / professional experience, OR a Master's Degree in a STEM field and at least 10 years of relevant military / professional experience, OR a PhD and at least 8 years of relevant military / professional experience
- Must have experience with US Government System Security Engineering activities (security requirements engineering, risk assessment and management, secure architecture design, implementation and verification activities)
- Must have experience with developing, executing, and managing Program Protection, Supply Chain Risk, and Counterfeit Parts Prevention plans as well as performing Criticality Analysis of system components.
- Must have experience with the Risk Management Framework (RMF), development of System Security Plans, Assessment Reports, attack path modeling, and mitigation strategies
- Must have experience working with, and providing oversight and guidance to, junior engineers and different IPTs and Suppliers/Subcontractors in support of design development, implementation, and test/verification activities
- Must have an active US Government Secret or higher clearance (with a background investigation completed within the last 6 years or currently enrolled into Continuous Evaluation).
- Must have the ability to obtain and maintain Special Access Program (SAP) clearance within a reasonable amount of time as determined by business needs.
- Must possess a DoDD 8140.01 qualifying certification, such as CompTIA Security+, CISSP, or similar network/security certifications
Preferred Qualifications:
- Experience with embedded computing environments and technologies
- Experience with cloud computing environments and technologies
- Experience with Model Based Systems Engineering tools such as Cameo or other similar system modeling tools
- Familiarity with DoDI 5000.02 (Operation of the Adaptive Acquisition Framework), DODI 5200.44 (Protection of Mission Critical Functions to Achieve Trusted Systems and Networks), DoDI 5000.83 (Technology and Program Protection to Maintain Technological Advantage), NIST SP 800-161 (Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations), US Government Program Protection Plan and Guidance
- Experience applying agile methodologies to the development of cybersecurity capabilities for embedded systems.
- Experience working on a multidisciplinary team and writing technical proposals
- Excellent communication, interpersonal skills, and the ability to interface with all levels of employees and management
- Familiarity with U.S Government Anti-Tamper (AT) processes and implementations
- Ability to obtain a US Government Top Secret security clearance to include a Single Scope Background Investigation (SSBI)
#ICS #Blue
Primary Level Salary Range: $144,900.00 - $217,300.00The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit http://www.northropgrumman.com/EEO. U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.More jobs at Ngc
- Associate HR Business Partner - Clearfield UT — United States-Utah-Clearfield
- Global Supply Chain Program Manager 2 — United States-Utah-Magna
- Program Manager 1 – D5 Block — United States-Utah-Magna
- Manager Supply Chain 2 — United States-California-El Segundo
Similar roles
- Cyber Operations Integrator at Caci
- Cyber Operations Integrator at Caci
- Computer Network Defense Analysts 1-4 (CNDA) at Pae
- Exploitation Analysts 1-4 (EA) at Pae