We Hire America Jobs

Mobile We Hire America Logo
WeHireAmerica.jobs is a service of HR Policy Foundation and DirectEmployers Association. These two non-profit organizations are providing this free resource to help educators, policy makers and job seekers understand the great employment opportunities available here in the U.S. at some of America's biggest and best companies.

Job Information

Northrop Grumman Sr. Principal Computer System Security Analyst+ in Woodlawn, Maryland

Discover careers that change the world and further advancements in defense, technology, and engineering today at Northrop Grumman. Use your experience to grow your career and support our global customers with the technology, systems, and solutions they need to enable their missions on the front lines and secure our world every day. With Northrop Grumman, you'll discover a culture built on diversity, respect, and above all teamwork. Together with our group of experts across the technical spectrum, you'll discover opportunities to make a difference in our world and start solving some of the world's most critical problems in the most innovative ways.

Northrop Grumman Defense Systems is seeking a Computer System Security Analyst to support the Social Security Administration in Woodlawn, MD.

Description of work:

  • Responsible for cross training others on NIST and RMF.

  • Perform risk analysis within a team for supporting customer requirements.

  • Assess information systems for compliance with the NIST RMF and the associated security controls.

  • Review current security assessment and authorization processes and provide recommendations for improvement.

  • Conduct Security Impact Analysis as per NIST 800-128 guidance.

  • Support the Risk Management Branch by implementing appropriate methods to evaluate risk levels associated with improperly implemented security controls, characterizing aggregate levels of risk to include recommendations to fix, mitigate, or accept the risk.

  • Conduct system security categorizations, security control assessments, risk assessments, and provide recommendations to enhance the security posture of the information system.

  • Draft agency specific security control assessment (SCA) guidance, procedures, and templates to allow thorough and accurate control assessments, risk analysis, and final documentation in the Security Assessment Report (SAR).

  • Analyze Interconnection Security Agreements for compliance to NIST 800-47.

  • Develop Security Risk Assessment Reports (SRA, RAR).

  • Provide support by providing guidance on control requirements and agency implementation.

Qualifications:

Basic Qualifications:

  • Bachelor's degree and 9 years of experience, OR Master's degree and 7 years of experience, OR 13 years of experience in lieu of a degree

  • Must have minimum 4 years' experience in cybersecurity documentation and system authorization artifacts (System Security Plan, lifecycle documentation, continuous monitoring plan, Security Assessment Plan, Security Assessment Report, Risk Assessment, etc.)

  • Minimum of 3 years' experience and working knowledge of one or more of the following:

  • NIST SP 800-53 Security and Privacy Controls for Federal Information Systems and Organizations

  • NIST SP 800-37 Guide for Applying the Risk Management Framework to Federal Information Systems

  • NIST SP 800-30 Guide for Conducting Risk Assessments

  • NIST SP 800-39 Managing Information Security Risk

  • Minimum of 2 years' experience reviewing, analyzing, and documenting the secure implementation of logical controls, physical controls, environmental controls, personnel security and incident handling

  • Prior experience supporting the Federal Government

  • Must be US Citizen or US Permanent Resident (Green card holder)

  • Must be able to obtain and maintain a US Public Trust clearance

Preferred Qualifications:

Candidates with these skills will be given preferential consideration.

  • Prior experience supporting the Social Security Administration-understanding of SSA business processes supporting IT programs, networks, and/or cybersecurity programs

  • CompTia Security+ CISSP certification

  • Has critical thinking/analytical skills, creativity, a proven drive for quality, and excellent technical oral and written communication skills

  • The ability to work independently to determine and develop a risk assessment approach to proposed new agency solutions, only needing review upon completion for adequacy in meeting objectives

  • The ability to interpret and provide consulting on the development of security guidance, and serve as a RMF SME at key stakeholder meetings

  • Has strong organizational skills and an ability to stay focused while managing multiple tasks concurrently

Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.

Job Category : Information Technology

21000867

DirectEmployers