Cyber Info Assurance Anlyst-20004761

Location: United States
US Citizenship Required for this Position: Yes
Relocation Assistance: No
Clearance Type: Top Secret
Number of Openings : 1
Shift : 1st Shift

Northrop Grumman is looking for highly skilled, dedicated and motivated Cyber Information Assurance Analyst to serve as the Information System Security Manager (ISSM) for networks supporting US Air Force (USAF) and US Department of Homeland Security (DHS) / Customs and Border Protection (CBP) customers. The candidate will ensure the Risk Management Framework (RMF) requirements are implemented, functional and kept up to date.  Must be able to work in a high paced, dynamic and aggressive environment with minimal supervision.  The ideal candidate will have at least 5 years of experience in the design, development, and management of overall network security posture.

  • Perform assessments of the networks to identify where those systems and networks deviate from acceptable configurations, enclave policy or local policy.
  • Perform passive evaluations such as compliance audits and active evaluations such as vulnerability assessments.

  • Establish strict program control processes to ensure mitigation of risks and support obtaining certification and accreditation of networks.

  • Implement the required government policies (i.e., NISPOM, NIST Publications, DoD Directives, and DHS/CBP Directives).

  • Interface with the Defense Counterintelligence and Security Agency (DCSA) technical representative, as well as the CBP Information System Security Officer (ISSO).

  • Make recommendations on process tailoring, participate in and document process activities.

  • Perform analyses to validate established security requirements and to recommend additional security requirements and safeguards.

  • Support the formal Security Test and Evaluation (ST&E) required by each government agency accrediting authority through pre-test preparations, participation in the tests, analysis of the results and preparation of required reports.

  • Document the results of Certification and Accreditation activities and technical or coordination activity.

  • Prepare the System Security Plans, as well as update the respective Plan of Actions and Milestones (POA&M).

  • Periodically conduct a complete review of each systems audits and monitor corrective actions until all actions are closed.

  • Provide advice on technical security related items to the Program Manager (PM), Deputy Program Manager (DPM) and/or the Facility Security Officer (FSO).  Perform other duties as designated by the PM

  • Develop, maintain, and oversee the system security program and policies.

  • Ensure compliance with current cyber security policies, concepts and measures.

  • Develop and implement an effective system security education, training, and awareness program.

  • Perform risk assessments and documenting results in a Risk Assessment Report and keep the risk assessment current throughout the system life cycle.

  • Ensure audit records are collected and analyzed in accordance with the system security authorization package.



Basic Qualifications:   

  • Bachelors Degree with 5 years of experience.

  • Active DOD Top Secret security clearance.

  • Certified Information Systems Security Professional (CISSP).

  • Minimum of 5 years hands-on experience in two or more of the eight domains listed in the CISSP Common Body of Knowledge.

  • Thorough understanding with DODs and DHS/CBPs Risk Management Framework (RMF).

  • Understanding of security controls specified in NIST SP 800-53 Rev 4 (or later).

  • Demonstrated experience writing computer security policies, security procedures, security plans, testing security controls, disaster recovery plans, configuration management plans and other related documentation.

  • Experience implementing technologies to support the continuous monitoring of required computer security controls.

  • General knowledge of security disciplines in Physical, Program, Personnel and Computer security.

  • Familiarity with Microsoft Office suite to include Visio/Excel/ PowerPoint/Project.

Preferred Qualifications: 

  • Experience implementing DISA STIGs.

  • Familiarity with the US Cyber Commands Cyber Command Readiness Inspection (CCRI) process.

  • Experience with maintaining system logs for audit compliance.

  • Broad grasp of involved practices and procedures pertaining to information and physical security requirements.

  • Working knowledge of security policies, technical security safeguards and operational security measures.

  • Experience with developing and implementing an effective system security education, training and awareness program.

  • Experience with developing, maintaining, and updating in coordination with all system stakeholders, POA&Ms in order to identify system weaknesses, mitigating actions, resources and timelines for corrective actions.

  • Experience with conducting periodic assessments of authorized systems and ensuring corrective actions are taken for all identified findings and vulnerabilities.

  • Experience with ensuring proper measures are taken when a system incident or vulnerability affecting the systems or information is discovered.

  • Experience with tracking and responding to Information Assurance Vulnerability Alerts (IAVA).

Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit U.S. Citizenship is required for most positions.


Job ID: 20004761

What's great about
Northrop Grumman

  1. Be part of a culture that thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work..
  2. Use your skills to build and deliver innovative tech solutions that protect the world and shape a better future.
  3. Enjoy benefits like flexible work schedules, education assistance and paid time off.
Top Secret Required
No - Teleworking not available for this position