Sr Principal Cyber Systems Engineer - NG Space Systems

At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work — and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, but they’re also making history. The Payload and Ground Systems (PGS) division of Northrop Grumman Space Systems sector pushes the boundaries of innovation, redefines engineering capabilities, and drives advances in various sciences. We are a trusted mission payload and ground system provider with extensive experience providing end-to-end mission solutions from concept through operations and support. We are seeking a Senior Principal Cyber Systems Engineer to join our talented team in Redondo Beach, CA. The Cyber Systems Engineer will be responsible for understanding functional system requirements and deriving security controls to provide technical implementation solutions to various engineering teams in order to comply with system requirements; identify system design and operational vulnerabilities and make recommendations to address deficient areas; work with system administrators to securely configure systems per customer security standards, community best practices and benchmarks. The ideal candidate will play a crucial role in planning, designing, implementing, and maintaining the security and integrity of the system. The Cyber Systems Engineer will be responsible for tasks including, but not limited to: Perform customer requirements elicitation leading to cybersecurity requirements development Review and assess stakeholder security objectives, protection needs and concerns, system security requirements, and associated verification methods per Risk Management Framework (RMF) standards Define, allocate and control Ground Segment cybersecurity requirements to satisfy RMF compliance Identify, quantify, and evaluate the costs/benefits of security functions and considerations to inform analysis of alternatives, engineering trade-offs, and risk treatment decisions Coordinate and collaborate with diverse engineering design teams to assist in managing the technical baseline Define, document, build plan, and manage Information Assurance (IA) or Cybersecurity engineering including security controls traceability and decomposition, security architecture and design, analysis of Security Technical Implementation Guidelines (STIG) mapping Identify and/or assess vulnerabilities and susceptibility to life cycle disruptions, hazards, and threats Implement, review, upgrade, and document STIGs and security controls Create, mature, and present comprehensive and cohesive technical charts representative of the appropriate level of maturation for any given milestone meeting and demonstrate team readiness in relation to achieving the milestone entrance and exit criteria Identify required contractual deliverables and non-contractual documentation and drive corresponding updates to closure Periodically conduct system audit and develop corrective action plans to resolve audit findings Support the design and implementation of automated tools to configure, integrate and test, and deploy hardened environment to meet security controls Assist the program to gain certification of systems, drafting and updating security artifacts Basic Qualifications: Senior Principal Cyber Systems Engineer: 8 Years of relevant experience with Bachelors in Science; 6 Years of relevant experience with Masters; 4 Years of relevant experience with PhD Active DoD Secret clearance required at the time of application System engineering and/or system security engineering experience Experience with RMF and NIST800-53 and developing RMF assessment and authorization documentation Familiarity with Systems Security Engineering (SSE) documentation (e.g. Cybersecurity Strategies, Information Support Plans, Program Protection Plans (PPPs) Familiarity with Anti-Tamper Plans, Counterintelligence Support Plans, Integrated Threat Assessment Reports, Operations Security Plans, Continuous Monitoring Plans, Defensive Cyberspace Operations Plans, IT/Cybersecurity Strategies, Information Support Plans, Enterprise Architecture Views and related documentation IAW DoDI 5000.02, DoDI 5200.39, DODI 5200.44, DODD 5200.47E, DoDI 8500.01, DoDI 8510.01, and NIST SP 800-160 Experience in conducting system audits, reviewing audit results, and developing corrective action plans Experience in executing vulnerability scans and developing and maintaining security documentation, including SSPs, SECONOPS, CONMON, and POA&Ms Experience with obtaining and maintaining a system level Authorization to Operate (ATO) and Interim Authorization to Test (IATT) Ability to work will with other engineers on a high pressure, schedule driven program Familiarity with system architectures, networking, and operating systems (e.g., Linux, Windows) Excellent communication (written and oral), negotiation and interpersonal skills necessary to support known Information Systems Security Engineering type activities/challenges working with engineering teams, management, customers, partners and government Active IAT Level II certification (e.g. Security+), or higher DoD 8570 certification for IAM-III (CISSP, CISM, GSLC, CCISO) or IAT-III (GCIH, CISSP, CASP+, CCNP Security, CISA, GCED) Excellent interpersonal skills with the ability to work both independently and within a team environment Preferred Qualifications: Experience with Agile development Understands methods for hardening and maintaining secure architectures Experience working with eMASS and/or Xacta Experience with Ground and Space systems and/or Command and Control systems Python and shell scripting ability Experience with DevSecOps Experience configuring and maintaining VMware vSphere Basic understanding of IPv4 networking fundamentals Basic understanding of information assurance principles in the DoD environment Possesses knowledge of External/Internal System Security Tools Basic /Advanced Systems Administration in major COTS SW platforms