At the heart of Defining Possible is our commitment to missions. In rapidly changing global security environments, Northrop Grumman brings informed insights and secure technological solutions to enable strategic objectives. We’re looking for innovators who can help us keep building on our wide portfolio of secure, affordable, integrated, and multi-domain systems and technologies that fuel those missions. By joining in our shared mission, we will support you in expanding your personal network and developing skills, whether you are new to the field or an industry thought leader. At Northrop Grumman, you will have the resources, support, and team to do some of the best work of your career.
Northrop Grumman Mission Systems is seeking a Sr. Principal Cybersecurity Analyst to join its Classified Solutions team in Rolling Meadows, IL. Please note that due to the classified nature of this position, the selected candidate will be required to work on-site, full-time, at our Rolling Meadows, IL campus - this is not a remote work opportunity.
Job responsibilities will include but not be limited to the following:
Lead and support a team of ISSOs and continuous monitoring of classified system/facility controls at the Rolling Meadows campus and identify where those systems and networks deviate from acceptable configurations, DCSA policy, and/or Organizational policy; this is achieved through passive evaluations such as reviewing reports on key risk indicators (KRIs) and active evaluations such as vulnerability assessments.
Maintain strict program control processes to ensure mitigation of risks; support 100% on-time submission and maintenance of system authorizations to operate (ATOs); this will include reviewing, managing and modifying System Security Plans (SSPs) in Enterprise Mission Assurance Support Service (EMASS), coordination and collaboration with USG personnel, system assessments, extensive security documentation review, as well as investigations, software research, hardware introduction and release, emerging technology research, inspections, and periodic audits.
Maintain adherence to and implement controls required by Government policy (i.e., 32 CFR Part 177 (NISPOM), DAAG v1.1), make recommendations on process tailoring, and lead Organizational policy updates.
Chair weekly Change Control Board (CCB) meetings and perform and review Security Impact Analyses (SIAs) on proposed system changes.
Ensure privileged personnel (e.g. Auditors, Computer Support, System/Network Administrators, and Data Transfer Agents (DTAs)) are appropriately trained and certified, and that they are performing those functions in accordance with cited Government policy.
Support Customer and Company Audits required by each entity through self-inspections, organization and participation in the Audits, fielding questions, preparing required responses, and mitigating any findings.
Coordinate completion of outstanding Plans of Actions and Milestones (POA&Ms) with key stakeholders by providing risk determinations to Program Management using effective and proactive communication.
Monitor control key performance indicators (KPIs) and provide feedback to Management on effectiveness.
Basic Qualifications:
PhD with 4 years of relevant experience, or a Master’s degree with 6 years of relevant experience, or a Bachelor’s degree with 8 years of relevant experience, or an Associate’s degree with 10 years of relevant experience; a High School Diploma or equivalent with 12 years of relevant experience may be considered in lieu of a completed degree.
Applicants must have a current U.S. Government Secret level security clearance, to include a closed investigation date completed within the last 6 years or must be enrolled in the DoD Continuous Evaluation Program (CEP), to be considered; the required security clearance must be maintained as a condition of continued employment.
Current U.S. Government 8140/8570 IAM level II security certification (e.g. SecurityX, CASP+, CGRC); the selected candidate will be required to obtain and maintain an IAM level III security certification (e.g. CISM, CISSP, CCISO), within 6 months of start date as a condition of continued employment.
Knowledge of NIST, NISPOM, DAAG, ACAS, NESSUS, SPLUNK, STIGs, POA&Ms, system audits, vulnerability scanning, and/or RMF process knowledge.
Preferred Qualifications:
Bachelor’s degree in Cybersecurity and 3+ years of Risk Management Framework experience.
3+ years of experience using Tenable Security Center, ACAS, or a similar security scanning tool for vulnerability scanning.
Proficiency with RMF (i.e. NIST SP 800-53) and tracking ATOs using EMASS.
Ability to effectively communicate and present cybersecurity KRIs and KPIs to a wide array of stakeholders outside of the direct team (e.g. IT, Engineers, Program Management and Executives).
Strong technical writing skills and reading comprehension to support a large facility with multiple programs and many policies.
Strong ability to multi-task and proficiency in interdepartmental communication.
We offer flexible work arrangements, phenomenal learning opportunities, exposure to a wide variety of projects and customers, and a very friendly team environment. At Northrop Grumman, we are on the cutting edge of innovation. Our diverse portfolio of programs means there are endless paths to cultivate your career. We also offer exceptional benefits/healthcare, a 9/80 work schedule, and a great 401k matching program. Come join us!
Primary Level Salary Range: $135,800.00 - $203,600.00
The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.
Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.
The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.
Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit http://www.northropgrumman.com/EEO. U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.