Security Engineer-20003480

Location: Washington
US Citizenship Required for this Position: Yes
Relocation Assistance: No
Clearance Type: Secret
Number of Openings: 2
Shift: 1st Shift

Are you interested in expanding your career through experience and exposure, all the while supporting a mission that seeks to ensure the security of our nation and its allies? If so, then Northrop Grumman may be the place for you. As a leading global security company providing innovative systems, products and solutions to customers worldwide, Northrop Grumman offers an extraordinary portfolio of capabilities and technologies. Here at Northrop Grumman we are comprised of professionals that bring different perspectives, are curious about the world, accepting of each other, and understand that the more ideas, backgrounds, and experiences we bring to our work, the more innovative we can be. As we continue to build our talented workforce we look for professionals that exemplify our core values, leadership characteristics, and approach to innovation.

 Northrop Grumman is looking for highly skilled, dedicated and motivated cleared professionals to join our team in supporting the Department of State (DOS) Consular Affairs Enterprise Infrastructure Operations (CAEIO) Program, for the Bureau of Consular Affairs (CA). This initiative is intended to provide 24x7x365 IT Operations and Maintenance to networks, applications, and databases supporting CA services globally. 

 Job Responsibilities:

Designs and defines system architecture for new or existing complex computer systems. Determines systems specifications, input/output processes, and working parameters for hardware/software compatibility and maintenance of system security. Coordinates design of subsystems and integration of total system. Identifies, analyzes, and resolves program support deficiencies. Develops and recommends corrective actions. May provide technical guidance for database administrators and software developers.

Supports the implementation, configuration, and administration of the Security Information and Event Management (SIEM) processes and tools in the Consular Affairs environment. Required to support the development, engineering, configuration, implementation, and/or management of security solutions for addressing specific threats, vulnerabilities, or exposures in the environment requested by the Government.

Collects information from public sources as well as interagency intelligence and Department of State sources outside of CA. Searches across logs on different applications and systems in different time periods based on specific criteria. Identifies common attributes and links events together into meaningful bundles to identify threats to CA's environment, as well as identifying incidents of compromise which may not have been detected by other sources. Coordinates the investigation of incidents from all sources and supports investigation, remediation, and recovery activities, as required. Responds to reports provided by other bureaus and other Government agencies on vulnerabilities and threats. Conducts testing to verify that security solutions intended to mitigate findings in the environment function as intended. Employs long-term storage of historical data to facilitate correlation of data over time and to provide the retention necessary for compliance requirements.

Document the security controls using the DOS processes and templates; document and maintain security diagrams, plans, documentation, procedures, policies, logs, and reports. Provide support as required for conducting security tests to validate that required security controls are properly implemented, operate as intended, and produce the desired outcome.

  •  Cooperate with DOS audits, reviews, evaluations, tests, and assessments of contractor systems, processes, and facilities
  • Coordinate with external stakeholders within and outside of DOS in order to coordinate security strategies, initiatives, and incident response/recovery as needed 



Basic Qualifications: 

  • 2 Years with Bachelors in Science; 0 Years with Masters

  • Understand security controls as specified in NIST SP800-53 Rev 4 (or later), Security and Privacy Controls for Federal Information Systems and Organizations

  • Experience standardizing secure installation guides for the Operating Systems, databases, virtual machines and any other configurable SW as needed

  • Familiarity with Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) or industry best practices

  • Familiarity with the following Security Monitoring Operations:

    • Open Source Intelligence Threat (OSINT) monitoring

    • Digital Forensics and Analytics

    • Incident Identification and Correlation

    • Incident Response and Recovery

    • Security Posture Assessment/Cyber Hygiene

  • Familiarity with Patch Management Support

    • Provide oversight and periodic review of the patch management process

    • Deploy and manage all CA patch/security update operations

    • Perform patch and security update deployment testing

    • Monitor, report, and remediate all deployment failures within 24 hours

    • Monitor and report patch and security update compliance for all CA systems weekly

    • Maintain the CA Patch File Transfer Protocol (FTP) site

    • Provide weekly, monthly, and/or as requested patch and security update status reports

    • Comply with DOS rules and regulations governing patch and security update operations

    • Author and maintain SOPs, policies, and appropriate patch/security documentation

    •  Ensure anti-virus tools comply on all devices and monitor, alert, troubleshoot noncompliance incidents

  • Employing long-term storage of historical data to facilitate correlation of data over time and to provide the retention necessary for compliance requirements

  • Network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols, etc.)

  • Advanced Persistent Threats (APT), phishing and social engineering, network access controllers (NAC), gateway anti-malware and enhanced authentication

  • Secret Clearance required to start

Preferred Qualifications: 

  • Bachelor's degree in Cybersecurity, IT, Computer Forensics & Digital Investigations, Cyber Operations, or a related field

  • Government specified Enterprise Operations and Networks experience

  • Security related certifications

Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit U.S. Citizenship is required for most positions.


Job ID: 20003480

What's great about Northrop Grumman

  1. Be part of a culture that thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work.
  2. Use your skills to build and deliver innovative tech solutions that protect the world and shape a better future.
  3. Enjoy benefits like flexible work schedules, education assistance and paid time off.
Secret Required
No - Teleworking not available for this position