Northrop Grumman Corporation
Northrop Grummun Innovation Systems is currently seeking a Cyber Information Assurance Anlyst- (ISSM) for our Northridge, CA location.
At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history.
Northrop Grumman Innovation Systems designs, builds and delivers space, defense and aviation-related systems to customers around the world. Our main products include launch vehicles and related propulsion systems; missile products, subsystems and defense electronics; precision weapons, armament systems and ammunition; satellites and associated space components and services; and advanced aerospace structures.
The Information Systems Security Manager (ISSM) will serve as the principal advisor and be responsible for maintaining the classified information systems for the Defense Electronic Systems Division in Northridge, CA
Under the Risk Management Framework (RMF) authorization process. The individual shall provide daily onsite information security support for all systems processing classified information, in accordance with the NISPOM and Customer Security Operating Guideline and requirements.
This will include but are not limited to the following: Working with and coordinating with assigned Information System Security Officer (ISSO), Coordinates, implements and monitors Information Systems Security controls such as policies and procedures plus technical configuration, in accordance with the Risk Management Framework per the National Institute of Standards and Technology (NIST) publications, National Industrial Security Program Operating Manual (NISPOM), Defense Information Systems Agency (DISA) Security Technical Information Guides (STIG), and other DoD issuances.
* Serves as a principal advisor on all information systems matters, technical and otherwise, involving the security of an IS (classified Information System) under her/his purview.
* Ensures physical and environmental protection, personnel security, incident handling, and security training and awareness.
* Monitors a system and its environment of operation to include developing and updating the System Security Plans (SSP) and other artifacts in accordance with company and government standards.
* Manage and control changes to the system, and assessing the security impact of those changes via an established configuration management process.
* Must be trained to the level commensurate with the complexity of the contractor's Information System/s.
* Perform a Risk/Threat Assessment and ensure a Risk Assessment Report (RAR) is completed
* Experience in the usage of SIEM tools and processes.
* Must be able to implement and maintain a comprehensive security vulnerability management program.
* Working knowledge of system security controls on multiple operating systems (Windows, Linux) in a compliance role.
* Under general guidance from management, collaborate with other functions, business units and program staff to develop and implement efficient and appropriate technology, users training, processes, procedures and compliance programs that are integrated seamlessly with day -to-day operations of the organizations computing infrastructure.
* As needed, perform the day to day operations required to maintain the security posture of an accredited Information System by conducting review of audit logs and continuous monitoring.
* Train and consult with ISSOs and IT support staff involved with administering and operating information systems.
* Build strong relationships with Program Managers and with the security and IT staff to create and improve best practices, drive consistency and improve efficiencies within the computing infrastructure environment.
* On occasion work extended hours to support contractual requirements to meet customer needs. Accomplish other duties as assigned.
* BS in related field.
* 3 years of Information Assurance in system security plan development certification and accreditation process.
* Knowledge of current Government Industrial Security, DoD Standard Guidelines to include
* NISPOM, DCID 6-3, ICD 503 & DoD 5205.07, JAFAN, NISTCNSSI No. 7003 (PDS)
* COMSEC and (DSS) Assessment and Authorization Process Manual (DAAPM) related experience.
* Verbal and written communication skills.
* Minimum of SECRET Security Clearance
* Preferably have a Security Plus Certification -Required.
* CISSP (Certified Information Systems Security Professional) if not already acquired is to be attained within 24 months of employment.
Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.
About Northrop Grumman Corporation
Northrop Grumman is a provider of autonomous systems, strike, logistics, C4ISR, and cyber solutions for government and commercial customers.