Cyber Security Engineer / Principal Cyber Security Engineer

At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work — and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. Northrop Grumman Defense Systems has an opening for an Engineer Software (Cyber Security) to join our team of qualified, diverse individuals within our Software organization in Bellevue, Nebraska where we define possible. Join our team to work in an embedded technology environment to develop software working with real time operating systems for use in flight and mission critical systems. We build complex aircraft systems using the latest technologies including simulation, cloud computing, DevSecOps, and cyber that can rapidly evolve to deliver enhanced capabilities for fielded systems, modernizing in partnership with our customers to meet their most complex missions. Bring your innovative ideas and ingenuity, to help us define possible and have some fun along the way. In this position will perform security engineering within a networking environment or enclave. Perform active evaluations such as compliance and vulnerability tests and adjudicate deviations from acceptable configurations, and policies. Provide Cybersecurity Assessment support and serve as a Cybersecurity expert throughout all stages of acquisition, systems engineering, and maintenance processes. Ensure system designs and implementations are consistent with policies, requirements, and directives, including compliance with Security Technical Implementation Guides (STIG), Security Requirements Guides (SRGs), Center for Internet Security (CIS) Benchmark, Common Vulnerabilities and Exposures (CVE), Common Weakness Enumeration (CWE) and Open Web Application Security Project (OWASP). Identify Cyber vulnerabilities and compliance issues. Remediate existing vulnerabilities or develop mitigations that minimize risks and work with the program to incorporate findings into the system POA&M. This position is contingent upon Award Responsibilities will include, but are not limited to: Administer strict program control processes to ensure mitigation of risks and supports obtaining Assessment and Authorization (A&A) of systems. Support security process, analysis, coordination, assessment, documentation, software research. Provide security impacts and risk assessments of new system components and emerging technologies. Assist in the implementation of the Risk Management Framework (RMF), through the required government policy (i.e., NIST SP 800-53, NIST SP 800-37, CNSSI, etc.), make recommendations on process tailoring, participate in and document process activities. Implement, document, test and verify established security requirements.