Principal Classified Cybersecurity Analyst - Polygraph

Northrop GrummanDulles, VA
$114,000 - $171,000Onsite

About The Position

The Northrop Grumman Classified Solutions CIDO team is seeking a Principal Classified Cybersecurity Analyst to support information systems lifecycle activities. The selected candidate will be required to work on-site, full-time at our Dulles, VA location. This role involves conducting system audits, continuous monitoring, performing assessments of systems and networks, analyzing security requirements, assisting in the implementation of government policy, establishing program control processes for risk mitigation and Assessment and Authorization (A&A), supporting Security Test and Evaluation (ST&E), documenting A&A results, and preparing the Risk Management Framework body of evidence. Due to the classified nature of the work, this position does not offer virtual or telecommute options and requires applicants to be willing to work on-site.

Requirements

  • Master’s degree with 3 years of relevant technical experience; OR a Bachelor's degree with 5 years of relevant technical experience; OR an Associates degree with 7 years of relevant technical experience; OR a High School Diploma/GED with 9 years of relevant technical experience is required
  • Candidates must meet the U.S. Government 8140 requirements (8570 equivalent) for a Principal Classified Cybersecurity Analyst – IAM level II or higher certification (examples: CAP or CGRC, CASP+ or CompTIA Security X, GSLC, CCISP-Associate, CISM, CCISO, CISSP)
  • Candidates must have a current U.S. Government Top Secret/SCI level security clearance (at a minimum), to include a closed investigation date completed within the last 6 years OR must be enrolled in the Continuous Evaluation (CE) Program, in order to be considered
  • Candidates must have a current/recent Polygraph [adjudicated within the last 5 years] in order to be considered
  • Candidates must have the ability to obtain, and maintain, access to Special Programs as a condition of continued employment

Nice To Haves

  • Bachelor’s degree in Cyber Security
  • CASP+/SecurityX certification
  • 6 years of experience with Certification & Accreditation of classified systems and networks
  • Experience with Risk Management Framework and/or eMASS
  • Knowledge of ACAS, NESSUS, SPLUNK, SCAP, POA&Ms, NIST, NISPOM, system audits, vulnerability scanning, and RMF/eMASS package development
  • Experience enforcing guidelines, monitoring policies, and enforcing standards for Cybersecurity frameworks and industry best practices supporting National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, CNSSI 1253, and DoD RMF
  • Detail oriented with experience tracking project progress and status
  • Ability to solve complex problems with a mindset on cybersecurity compliance
  • Experience coordinating with a team to review and document information system changes
  • Experience and working knowledge and understanding of auditing, vulnerability scanning/remediation, SIEMs, DISA STIGs, and configuration/change control
  • Strong verbal and written communication skills to produce coherent and concise documentation required for evaluation
  • Current Special Program Access (SAP/SAR)

Responsibilities

  • Conduct system audits and continuous monitoring activities, covering all security controls, configurations, and operational processes to evaluate the security posture of the information systems.
  • Perform assessments of systems and networks within the networking environment or enclave and identify where those systems and networks deviate from acceptable configurations, enclave policy, or local policy.
  • Perform analyses to validate established security requirements and to recommend additional security requirements and safeguards.
  • Assist in the implementation of the required government policy, make recommendations on process tailoring, participate in and document process activities.
  • Establish strict program control processes to ensure mitigation of risks and support the Assessment and Authorization (A&A) of systems. This includes process support, analysis, coordination, security certification testing, security documentation, investigations, software research, hardware introduction and release, emerging technology research, inspections, and periodic audits.
  • Support the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results and preparation of required reports.
  • Document the results of A&A activities, and technical or coordination activities, and prepare the Risk Management Framework body of evidence.

Benefits

  • flexible work arrangements
  • phenomenal learning opportunities
  • exposure to a wide variety of projects and customers
  • friendly team environment
  • health insurance coverage
  • life and disability insurance
  • savings plan
  • Company paid holidays
  • paid time off (PTO) for vacation and/or personal business
  • overtime
  • shift differential
  • discretionary bonus
  • Annual bonuses
  • Long Term Incentives (for VP or Director positions)
  • 401k matching program
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service