Northrop Grumman Principal Systems Security Engineer in Washington, District Of Columbia
Discover careers that change the world and further advancements in defense, technology, and engineering today at Northrop Grumman. Use your experience to grow your career and support our global customers with the technology, systems, and solutions they need to enable their missions on the front lines and secure our world every day. With Northrop Grumman, you'll discover a culture built on diversity, respect, and above all teamwork. Together with our group of experts across the technical spectrum, you'll discover opportunities to make a difference in our world and start solving some of the world's most critical problems in the most innovative ways.
Northrop Grumman is seeking a Principal Systems Security Engineer to support our Federal government client. The purpose of this position is to manage the U.S. State Department's Consular Affairs Enterprise Infrastructure Operations (CAEIO) team that provides mission critical information technology (IT) resources to approximately 250 overseas posts including domestic Passport Agencies, Visa Processing Centers, DoS annexes, and contractor sites, in a 24/7/365 environment. The team also supports approximately 10,000 worldwide clients including 1,200 Consular Affairs customers at locations in the Washington DC National Capitol Region
Roles and Responsibilities May Include:
• Perform IA and compliance support services to maintain production system security posture, which includes engineering, implementing, operating, and monitoring.
• Engineer and implement security practices into current and future systems and processes.
• Support the Assessment & Authorization (A&A) process
• Support Plan of Action and Milestone (POA&M) findings develop/implement remediation, as assigned by the customer as well as POA&M status reporting.
• Support the identification, remediation, tracking, management, and/or validation of findings from other sources outside of the A&A process.
• Use Windows and/or Linux System Administrator skills to validate remediation of POA&Ms or reflect successful deployment of patches.
• Perform adhoc vulnerability assessments using NESSUS or NEXPO tools and analyze and report on the results.
• Maintain standard configurations in compliance with DOS security standards.
• Manage security compliance using the Group Policy Object (GPO).
• Support activities related to Firewall Enclaving and Network Segregation
• Provide oversight and periodic review of the patch management process.
• Deploy and manage all CA patch/security update operations.
• Author and maintain SOPs, policies, and appropriate patch/security documentation including policies detailing patch and security update processes and procedures.
• Ensure anti-virus tools comply on all devices and monitor, alert, troubleshoot noncompliance incidents.
• Audit User and Service accounts for stale and over-privileges
• Perform End of Life assessments
• Update Software & Systems Boundary documentation
• Monitor email and tickets and respond to security related inquiries
• Attend Senior Management Briefings
• Bachelor's degree and five (5) years of professional experience and a high school diploma and nine (9) years of professional experience.
• U.S. Citizen and active Secret clearance to start. Active Top Secret clearance preferred.
• Experience in Risk Management Framework
• Must have hands-on experience with RedHat or Oracle Linux OS.
• Hands on experience with Windows, VMWare, Salesforce, or Azure administration.
• Experience with security controls and ATO process for cloud based environments including deploying solutions on public/hybrid clouds
• Understanding of cloud (IaaS/PaaS/SaaS) controls and migration to public and government Clouds in compliance with FedRAMP based classifications
• Experience with IBM Rational Collaborative Lifecycle Management
• Experience working with an Agile, preferably SAFe, development methodology
• Current in at least one of the following 8570 IAT Level III certifications: CASP, CISSP, CISA, GCED, GCIH or GSEC
• Familiarity with DevSecOps, SDLC, CI/CD pipelines
• Hands on experience with Nessus
Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.
Job Category : Information Technology