Job Requirements
Co Spgs, CO
Secret Polygraph not specified
Early Career (2+ yrs experience)
$100,000 - $120,000
Job Description
• Company: Northrop Grumman
• Position: A&A Cyber Engineer
• Location: 9975 Federal Drive
• Duration: long term, ongoing contract – we are a direct sub to the C2BMC program
• Clearance: Secret, will hold TS if you already have it
• Program – C2BMC
"The successful candidate will be expected to communicate and work closely with C2BMC Operational ISSOs in direct support of the operational eMASS packages managed by the A&A team. Additionally, a qualified candidate must collaborate closely with system owners, cyber peers, program office technical and management staff, and other C2BMC functional areas to ensure the C2BMC fielded system achieves and maintains the proper authorization for connection, testing, and operational purposes.
Essential Functions:
• Assist with Cyber Products analysis, vulnerability mitigation, and POA&M management to help the team successfully deliver eMASS packages, ports, protocols, and services (PPS) according to contract schedules
• The primary focus for the qualified candidate will include rotating and combining technical documentation, surge support for authorization packages in eMASS, assessing vulnerabilities, engineering responses for system POA&Ms, proposal support, and conducting risk analysis for Risk Acceptance Requests (RARs)
Basic Qualifications:
Please list your current security clearance and IAT or relevant certifications on your resume, if applicable.
• A Bachelor’s Degree in Computer Science, Computer Engineering, Cybersecurity Engineering, Electrical Engineering, Information Technology, Mathematics, Physics, or a related field from an accredited university, along with 2 years of experience; or a Master’s degree in a related field with 1 years of relevant work experience; or 6 years of relevant work experience may be considered as an alternative to a degree
• Applicants must have a current, active DoD 8140 certification at IAT Level II or higher (such as Security+ CE, CCNA-Security, CySA+, CND, etc.) at the time of application, which is required to start. The candidate is responsible for maintaining their DoD 8140 certification throughout the entire contract period
• Applicants must have a current, active in-scope DoD-issued Secret security clearance at the time of application, which is required to start
• Strong working knowledge of cybersecurity capabilities such as patch management, multi-factor authentication, host-based security, intrusion detection, security event management, active/passive system scanning, and defense-in-depth
• Recent experience and familiarity with creating or updating Assessment and Authorization (A&A) packages for RMF Authority to Operate (ATOs) are required
• Requires a working knowledge of Information Assurance (IA) technology, NIST standards, DoDI 8500.2, and Risk Management Framework (RMF) Security Controls
• Should understand the Agile Development Lifecycle, including reviewing requirements and architecture design documents, using Cyber audit tools, conducting cyber verification audits (vulnerability and compliance audits), performing Cyber vulnerability scans, and engaging in Cyber configuration auditing activities
Preferred Qualifications:
• Experience in hardening Windows and Linux servers and workstations in accordance with GPOs, IAVMs, and STIGs is preferred
• Having experience in network design and software engineering is a plus
• Technical document preparation and verbal communication skills necessary for presenting technical Cyber issues and reports to the Government, Program Management, and other C2BMC Functional Areas are preferred
• Experience with scripting languages such as Python and PowerShell to solve complex data analysis problems, along with in-depth cyber vulnerability analysis experience, is highly desired
• Recent hands-on experience with Agile execution, tools, and methodologies is highly desired, along with familiarity with vulnerability scanning and analysis tools such as ACAS (Tenable.sc / Nessus Vulnerability scanner), Evaluate-STIG, STIG Manager, and Trivy are also highly desirable"
• Position: A&A Cyber Engineer
• Location: 9975 Federal Drive
• Duration: long term, ongoing contract – we are a direct sub to the C2BMC program
• Clearance: Secret, will hold TS if you already have it
• Program – C2BMC
"The successful candidate will be expected to communicate and work closely with C2BMC Operational ISSOs in direct support of the operational eMASS packages managed by the A&A team. Additionally, a qualified candidate must collaborate closely with system owners, cyber peers, program office technical and management staff, and other C2BMC functional areas to ensure the C2BMC fielded system achieves and maintains the proper authorization for connection, testing, and operational purposes.
Essential Functions:
• Assist with Cyber Products analysis, vulnerability mitigation, and POA&M management to help the team successfully deliver eMASS packages, ports, protocols, and services (PPS) according to contract schedules
• The primary focus for the qualified candidate will include rotating and combining technical documentation, surge support for authorization packages in eMASS, assessing vulnerabilities, engineering responses for system POA&Ms, proposal support, and conducting risk analysis for Risk Acceptance Requests (RARs)
Basic Qualifications:
Please list your current security clearance and IAT or relevant certifications on your resume, if applicable.
• A Bachelor’s Degree in Computer Science, Computer Engineering, Cybersecurity Engineering, Electrical Engineering, Information Technology, Mathematics, Physics, or a related field from an accredited university, along with 2 years of experience; or a Master’s degree in a related field with 1 years of relevant work experience; or 6 years of relevant work experience may be considered as an alternative to a degree
• Applicants must have a current, active DoD 8140 certification at IAT Level II or higher (such as Security+ CE, CCNA-Security, CySA+, CND, etc.) at the time of application, which is required to start. The candidate is responsible for maintaining their DoD 8140 certification throughout the entire contract period
• Applicants must have a current, active in-scope DoD-issued Secret security clearance at the time of application, which is required to start
• Strong working knowledge of cybersecurity capabilities such as patch management, multi-factor authentication, host-based security, intrusion detection, security event management, active/passive system scanning, and defense-in-depth
• Recent experience and familiarity with creating or updating Assessment and Authorization (A&A) packages for RMF Authority to Operate (ATOs) are required
• Requires a working knowledge of Information Assurance (IA) technology, NIST standards, DoDI 8500.2, and Risk Management Framework (RMF) Security Controls
• Should understand the Agile Development Lifecycle, including reviewing requirements and architecture design documents, using Cyber audit tools, conducting cyber verification audits (vulnerability and compliance audits), performing Cyber vulnerability scans, and engaging in Cyber configuration auditing activities
Preferred Qualifications:
• Experience in hardening Windows and Linux servers and workstations in accordance with GPOs, IAVMs, and STIGs is preferred
• Having experience in network design and software engineering is a plus
• Technical document preparation and verbal communication skills necessary for presenting technical Cyber issues and reports to the Government, Program Management, and other C2BMC Functional Areas are preferred
• Experience with scripting languages such as Python and PowerShell to solve complex data analysis problems, along with in-depth cyber vulnerability analysis experience, is highly desired
• Recent hands-on experience with Agile execution, tools, and methodologies is highly desired, along with familiarity with vulnerability scanning and analysis tools such as ACAS (Tenable.sc / Nessus Vulnerability scanner), Evaluate-STIG, STIG Manager, and Trivy are also highly desirable"
group id: 10112344
Defining Company Culture
