Cyber Information Systems Security Analyst 3/4 (ISSM)

  • Full Time
  • ANALYST
  • USA
  • Posted 3 weeks ago
  • Salary: $101,200.00 - $151,800.00 and $125,500.00 - $188,300.00
  • US CITIZENSHIP REQUIRED FOR THIS POSITION ; Candidates must have a current DOD Top Secret level security clearance

Company Details

Northrop Grumman solves the toughest problems in space.

US CITIZENSHIP REQUIRED FOR THIS POSITION: Yes
RELOCATION ASSISTANCE: Relocation assistance may be available
CLEARANCE TYPE: Top Secret
TRAVEL: Yes, 10% of the Time

Description

Join Northrop Grumman on our continued mission to push the boundaries of possible across land, sea, air, space, and cyberspace. Enjoy a culture where your voice is valued and start contributing to our team of passionate professionals providing real-life solutions to our world’s biggest challenges. We take pride in creating purposeful work and allowing our employees to grow and achieve their goals every day by Defining Possible. With our competitive pay and comprehensive benefits, we have the right opportunities to fit your life and launch your career today.

Perform an Information System Security Manager (ISSM) role through assessments of systems and networks within the networking environment or enclave and identify where those systems and networks deviate from acceptable configurations, enclave policy, or local policy. This is achieved through passive evaluations such as compliance audits and active evaluations such as vulnerability assessments. Establishes strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems. Includes support of process, analysis, coordination, security certification test, security documentation, as well as investigations, software research, hardware introduction and release, emerging technology research inspections and periodic audits. Assist in the implementation of the required government policy (i.e., NISPOM, DCID 6-3), make recommendations on process tailoring, participate in and document process activities. Perform analyses to validate established security requirements and to recommend additional security requirements and safeguards. Support the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results and preparation of required reports. Document the results of Certification and Accreditation activities and technical or coordination activity and prepare the system Security Plans and update the Plan of Actions and Milestones POA&M. Periodically conduct a complete review of each system’s audits and monitor corrective actions until all actions are closed.

This is a dual level requisition and it can be filled at either level 3, or level 4, depending upon the skills, certification, education, and experience of candidate relative to the qualifications below.

Basic Qualifications for a level 3:

  • Master’s Degree with 3 years of experience; OR a Bachelor’s Degree with 5 years of experience; OR an Associate’s Degree with 7 years of experience; OR a High School Diploma/GED with 9 years of experience is required
  • Must have a current DoD 8570 IAM level II (or higher) security certification (examples: CAP, CASP CE, HCISPP, CISM, GSLC, CISSP, CCISO) ; OR must be able to obtain the certification within 6 months of start date
  • Must have Risk Managed Framework (RMF) experience
  • Candidates must have a current DOD Top Secret level security clearance, to include a closed investigation date completed within the last 6 years, in order to be considered
  • Must have the ability to obtain, and maintain, access to Special Programs as a condition of continued employment

Basic Qualifications for a level 4:

  • Master’s Degree with 7 years of experience; OR a Bachelor’s Degree with 9 years of experience; OR an Associate’s Degree with 11 years of experience; OR a High School Diploma/GED with 13 years of experience is required
  • Must have a current DoD 8570 IAM level III security certification (CISM, GSLC, CISSP, CCISO); OR must be able to obtain the certification within 6 months of start date
  • Must have Risk Managed Framework (RMF) experience
  • Candidates must have a current DOD Top Secret level security clearance, to include a closed investigation date completed within the last 6 years, in order to be considered
  • Must have the ability to obtain, and maintain, access to Special Programs as a condition of continued employment

Preferred Qualifications:

  • The ideal candidate will have a Master’s degree in Cybersecurity, a CISSP, and 8 years of experience with certification and accreditation of systems and network in a classified environment under RMF
  • Knowledge of ACAS, NESSUS, SPLUNK, SCAP, POA&Ms, NIST, DIACAP, NISPOM, system audits, vulnerability scanning, and RMF package development preferred
  • Previous ISSM experience
  • Experience with LAN/WAN or other network system administration
  • Experience working on Windows platforms
  • Current SAP/SAR access is highly desirable

Employees may be eligible for a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.

Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit http://www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.

Tagged as: lan/wan, nispom and dcid 6-3, risk managed framework (rmf), network system administration

Visit us on LinkedInVisit us on FacebookVisit us on Twitter