At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history.
Northrop Grumman Innovation Systems designs, builds and delivers space, defense and aviation-related systems to customers around the world. Our main products include launch vehicles and related propulsion systems; missile products, subsystems and defense electronics; precision weapons, armament systems and ammunition; satellites and associated space components and services; and advanced aerospace structures.
Northrop Grumman Innovation Systems is seeking an Information Systems Security Officer(ISSO) to provide support to our Plant Protective Services Team in our Promontory, Utah offices. This position will assist with providing oversight, policy, procedure development, and related functions in compliance with RMF (JSIG), DoD 5205.07, vol. 1-4, and NISPOM. As part of the Security Team, the position is responsible for day-to-day implementation and compliance in operation and maintenance of security requirements, both technical and administrative, on classified information systems.
The ISSO will provide assistance in implementing the cyber security program. They must ensure all information security requirements are followed and users have completed required training. Additionally, they must verify users are following established information security procedures and provide users with information on computer salvaging, incident reporting and minimum computer protections. The ISSO is responsible for ensuring unauthorized personnel are not granted use of, or access to, classified information systems.
Assist the Information Systems Security Manager (ISSM) in meeting duties and responsibilities.
Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the security authorization package.
Participate in technical and security training (e.g., operating system, networking, security management) relative to assigned duties.
Conduct weekly systems audits of both automated and manual audit logs.
Assist with software patch installation, antivirus updates, and conducting security self-reviews.
Ensure all users have the requisite security clearances, authorization, need-to-know, and are aware of their security responsibilities before gaining access to the IS.
Provide initial and refresher user training for classified systems
User Support create/modify/delete user accounts; assist with lock-outs
Perform continuous monitoring reviews of information systems to ensure compliance with the security authorization package.
Report all security-related incidents to the ISSM.
Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly.
Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM to ensure compliance with configuration management policy.
Ensure all IS security-related documentation is current and accessible to properly authorized individuals.
Formally notify the ISSM when changes occur that might affect system authorization.
Serves as the Data Transfer Agent for classified systems
Must be available for occasional after hours assistance.
This position requires a DoD security clearance. Applicants must have the ability to obtain and maintain a clearance, which requires U.S. citizenship
Proven ability to work independently and in a team environment to analyze problems, propose solutions to management, and deploy and document implemented solutions.
Demonstrated knowledge of classified and unclassified computer security requirements of the Department of Defense (DOD) or another US Government agency as needed (i.e., DAAPM).
Demonstrated experience working as/with Information Security Site Managers (ISSMs) and Authorizing Officials (AOs).
Have a thorough understanding of the principles of Information Security including Risk Management Framework (RMF)(JSIG) and NISPOM Chapter 8.
Demonstrated experience implementing federally mandated and locally developed computer security policies and procedures.
In-depth knowledge of security and compliance implications in multi-user, multi-platform, and secure distributed computing environments.
Demonstrated experience writing computer security policies, security procedures, security plans, testing security controls, disaster recovery plans, configuration management plans, and other related documentation.
Demonstrated experience mentoring staff related to IT security and certification and accreditation processes.
Ability to effectively communicate and coordinate computer security policies and procedures at all levels both orally and in writing.
Direct experience implementing technologies to support the continuous monitoring of required computer security controls.
Demonstrated successful experience working in high-pressure situations such as audits and assessments.
Also requires a general knowledge of security disciplines in Physical, Program, Personnel and Computer Security.
Current COMP TIA Security required within 6 months of start
Education: Bachelor's degree, preferably in Cyber Security, Computer Science or Information Assurance is desired, degree-in-progress may be acceptable with sufficient experience.
Active TS/SCI Clearance, applicants must have the ability to obtain and maintain an SCI/SAP eligibility
Previous experience as a CPSO or FSO is preferred.
Working knowledge of COMSEC equipment to include handling key material and troubleshooting encryption devices.
Experience in maintaining system logs for audit compliance
A record of accomplishments and expertise in undertaking and/or managing computer security projects
Knowledge in cyber security best practices and standard including National Institute of Standards and Technology (NIST) publications
Knowledge of security considerations for modern operating systems
Current experience supporting ISSM/ISSO tasks in defense industry or other U.S. government facility
Experience monitoring computer systems to ensure compliance with computer security requirements
Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.