Cyber Information Systems Security Analyst

Northrop Grumman Rolling Meadows , IL 60008

Posted 4 months ago

Put your years of experience into a future of excellence... Northrop Grumman is seeking a qualified Cyber Information Systems Security Analyst to join the Information Security team in Rolling Meadows, IL. The Cyber Security organization has overall responsibility for providing information security oversight to all Northrop Grumman classified systems under their respective purview.

Responsibilities will include, but are not limited to:

  • Perform assessments of systems and networks within the networking environment or enclave and identify where those systems and networks deviate from acceptable configurations, enclave policy, or local policy. This is achieved through passive evaluations such as compliance audits and active evaluations such as vulnerability assessments.

  • Establishes strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems. Includes support of process, analysis, coordination, security certification test, security documentation, as well as investigations, software research, hardware introduction and release, emerging technology research inspections and periodic audits.

  • Assist in the implementation of the required government policy (i.e., NISPOM, JSIG etc), make recommendations on process tailoring, participate in and document process activities.

  • Perform analyses to validate established security requirements and to recommend additional security requirements and safeguards.

  • Support the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results and preparation of required reports.

  • Document the results of Certification and Accreditation activities and technical or coordination activity and prepare the system Security Plans and update the Plan of Actions and Milestones POA&M.

  • Periodically conduct a complete review of each system's audits and monitor corrective actions until all actions are closed.

ESCSO

ITS3500

Basic Qualifications:

  • Master's degree with 0 years of experience; OR a Bachelor's degree with 2 years of experience; OR an Associate's degree with 4 years of experience; OR a High School Diploma/GED with 6 years of experience is required

  • Must have a DoD 8570 IAM level 1 security certification (example: Security CE); OR must be able to obtain and maintain one within 6 months of start date

  • Candidates must have a current DOD Secret level security clearance (or higher) in order to be considered

Preferred Qualifications:

  • The ideal candidate will have a Master's degree in Cyber Security, a current Security CE, and 2 years of ISSO experience with RMF in a classified environment

  • Knowledge of ACAS, NESSUS, SPLUNK, SCAP, NIST 800-53rev4, system audits using an SIEM, vulnerability scanning, and DSS and/or JSIG system security package development are highly desirable

  • Current Top Secret clearance preferred

Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Cyber Information Systems Security Manager 2

Northrop Grumman

Posted 2 months ago

VIEW JOBS 7/24/2019 12:00:00 AM 2019-10-22T00:00 As a leader with Northrop Grumman, you always act with integrity, and the highest ethical standards characterize everything you do. You enable your team to achieve predictable and balanced results, while satisfying the needs of internal and external partners. You treat all people with respect, and you model personal growth and continuous development. You know how to build an inclusive environment that attracts, retains, and inspires a diverse and engaged team. You develop trusted and valued customer relationships and communicate effectively, so that people throughout the organization feel engaged and connected to their work. You deliver excellence, strive for continuous improvement and respond vigorously to change. You ensure that your team has the information and tools needed to perform at their best. You demonstrate our committed pursuit of applying innovation to meet the requirements of our customer. You craft and execute strategies that result in sustainable value creation that delivers measurable results. The Cyber Information Systems Security team is actively looking for a frontline Manager of Cyber Information Assurance that will manage a team of Cyber Security Exempt and Non-Exempt employees (Security Coordinators, ISSOs, and ISSMs) from our Rolling Meadows, IL location. The team performs assessments of systems and networks within the networking environment, or enclave, and identifies where those systems and networks deviate from acceptable configurations, enclave policy, or local policy. This is achieved through passive evaluations such as compliance audits, as well as active evaluations such as vulnerability assessments. The manager will establishes strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems. This includes support of process, analysis, coordination, security certification test, security documentation, as well as investigations, software research, hardware introduction and release, emerging technology research inspections and periodic audits. Additionally, the manager will assist in the implementation of the required government policy (i.e., JSIG), NISPOM (DAAPM primarily), ICDs), make recommendations on process tailoring, participate in and document process activities. They will monitor and perform analyses to validate established security requirements and to recommend additional security requirements and safeguards. The leader will support the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results and preparation of required reports. And they will make sure that all results of Assessments and Accreditation activities and technical or coordination activity are documented, that the Body of Evidence (BoE) and update the Plan of Actions and Milestones (POA&M) are prepared. Also, they will periodically conduct a complete review of each system's audits, and monitor corrective actions until all actions are closed. This position will ensure the management/coordination with classified programs on the design, testing, and implementing state-of-the-art secure operating systems, networks, database products, firewalls, and network architectures meet government classified Cyber Information Assurance compliance requirements (NIST, EMAS, RMF, etc.). The role will ensure compliance with all associated systems/networks to achieve and maintain formal accreditation authorizations from government agencies. The successful candidate will establish an inclusive culture within a geographically diverse environment and will be responsible for the following: * Managing a team of Cyber Information Systems Security (CISS) Professionals * Establishing a strict program control processes to ensure mitigation of risks and support obtaining formal Assessment & Authorization of systems Assisting in the implementation of the required government policy (i.e. DAAPM (primary), JSIG ICD-503). This may include project management * Ensuring the team follows Northrop Grumman and the Cyber ISS organization's policies and procedures. * That information is accurate and complete in support of those policies and procedures * Supporting the formal Security Assessment process required by the company or government customer * Regularly communicating and coordinating with program management teams, the Enterprise Services Program Management Office Team, the Information Technology Organization and Industrial Security To learn more about our hiring process for manager positions, please view our, Selecting the Best Qualified Managers video: www.northropgrumman.com/SQMVideo ESCSO IT3500 NGFeaturedJobs Basic Qualifications: * Master's degree with 6 years of Information Systems Security experience; OR a Bachelor's degree with 8 years Information Systems Security experience is required * Must have work experience in at least two of the following three areas: National Industrial Security Program (NISP), Department of Defense Special Access Programs (DoD SAP), Sensitive Compartmented Information (SCI) programs * Must hold a current DOD 8570 IAM Level III security certification (Examples: CISM, GSLC, CISSP, CCISO) * Candidates must have a current DOD Top Secret level security clearance with an original adjudication, or a periodic reinvestigation date, completed within the last 6 years to be considered * Must have the ability to obtain, and maintain, access to Special Programs as a condition of continued employment Preferred Qualifications: * The ideal candidate will have a Master's Degree in Cyber Security, Information Security, or similar STEM related discipline, to include 10 years of ISSO/ISSM experience under RMF in a DSS or JSIG environment * In depth knowledge of the Special Access Program classified system accreditation process (JSIG) * Prior experience in a leadership or management role would be desirable Diverse classified information systems security / information assurance background * Excellent communication skill * Prior experience communicating with both Program and Division senior leadership * Prior experience with ICD-503 * Active Top Secret/SCI clearance with SAP/SAR access highly desirable Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions. Northrop Grumman Rolling Meadows IL

Cyber Information Systems Security Analyst

Northrop Grumman