Cyber Software Engineer (T05) - Space Systems

Northrop Grumman•Redondo Beach, CA

49d

About The Position

At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work — and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. Northrop Grumman Space Systems (NGSP) is seeking a Staff Cyber Software Engineer (T05) to join our team in Redondo Beach, CA. In this role you will ensure system security requirements are met by developed software by enforcing security considerations throughout the software development lifecycle. You will interface directly with infrastructure stakeholders to ensure security controls, compliance, and vulnerability scan mitigations are up to Cybersecurity System Engineering standards. You will engage with the Cybersecurity System Engineering team to provide timelines when “fixes” can be deployed and if there is a fix. You will work with infrastructure stakeholders to do POAM work defined by Cybersecurity Systems Engineering.

Requirements

12 years of relevant experience with Bachelor's degree; 10 years of relevant experience with Master's degree; 8 years of relevant experience with PhD; an additional 4 years of experience may be considered in lieu of degree
Active Top Secret clearance required at time of application
Ground Software development experience with direct experience with Host based security solutions

Nice To Haves

Ground-system security architecture experience
Experience working with Nessus Vulnerability Scanner
Familiarity with Anti-Tamper Plans, Counterintelligence Support Plans, Integrated Threat Assessment Reports, Operations Security Plans, Continuous Monitoring Plans, Defensive Cyberspace Operations Plans, IT/Cybersecurity Strategies, Information Support Plans, Enterprise Architecture Views and related documentation IAW DoDI 5000.02, DoDI 5200.39, DODI 5200.44, DODD 5200.47E, DoDI 8500.01, DoDI 8510.01, and NIST SP 800-160
DoD 8570 certification for IAM-III (CISSP, CISM, GSLC, CCISO) or IAT-III (GCIH, CISSP, CASP+, CCNP Security, CISA, GCED)
Experience with Agile methodologies
Active TS/SCI

Responsibilities

Provide implementation guidance and oversight to technical teams/implementer.
Coordinate and communicate with software engineering stakeholders and cybersecurity system engineers to ensure program security controls are met or scheduled to be worked off.
Review and Assess system security requirements and associated verification methods per RMF standards.
Identify and/or assess vulnerabilities and susceptibility to life cycle disruptions, hazards, and threats.
Provide security considerations to inform software engineering efforts with the objective of reducing errors, flaws, and weaknesses that may constitute security vulnerability leading to unacceptable asset loss and consequences.
Identify, quantify, and evaluate the costs/benefits of security functions and considerations to inform analysis of alternatives, engineering trade-offs, and risk treatment decisions.