- 175661 - Security Lead - VA - C
- Up to $84.05 DOE
- 7 months, CTH
Northrop Grumman Technology Services sector is seeking a Security Lead to join our team of qualified, diverse individuals. This position will be located in McLean, VA. The qualified applicant will become part of Northrop Grumman's Department of State (DOS) Consular Systems Modernization (CSM) Program, for the Bureau of Consular Affairs (CA). This initiative is intended to modernize and consolidate the operational environment under a common technology framework in order to better support the services provided to CA's customers.
Roles and Responsibilities:
o Ensure compliance with all systems security requirements and updates, providing guidance and instruction as necessary to personnel.
o Evaluate security documentation for compliance with application security policy and FISMA and DOS security guidelines.
o Ensure Configuration Management (CM) for security-relevant software, hardware, and firmware is documented and maintained.
o Support certification and accreditation activities ensuring that system security requirements are followed.
o Support the Government in defining and resolving Plan of Action and Milestones (POAMs).
o Support Cloud Security including Cloud-based Identity and access management roles, policies, resources and credentials and user provisioning, SAML, openid auth, etc.
o Make recommendations on system configurations, access controls, and systems administration.
o Initiate protective and corrective measures when a security incident or vulnerability is discovered.
o Monitor system recovery processes and ensure the proper restoration of an application security feature.
Prefer local candidates for face to face interviews.
Bachelor's degree in a related field and at least 15 years' relevant experience.
Experience as a Security Engineer supporting software architecture and/or application development.
Experience performing day-to-day Information System Security responsibilities for system / product teams and working with system administrators to implement security controls and remediated vulnerabilities.
Proven ability to perform hands-on security test & evaluation of large-scale, complex systems against current NIST standards.
Experience in a technical role, providing technical expertise for software intensive projects and programs for Government or Industry customers.
Ability to coordinate with program management and other stakeholders to track and maintain risks associated compliance with security requirements and national level directives.
Excellent communication skills, both verbally and in writing to effectively interact with multiple teams both internal and external.
Experience in cloud based environments including deploying solutions on public/hybrid clouds.
Experience implementing DevSecOps for a large program using Agile, preferably SAFe, development methodology.
Experience implementing DevSecOps for a Cloud-based system on a modernization program ensuring existing applications and systems are modernized to satisfy legacy functional requirements.
Experience with IBM Rational Collaborative Lifecycle Management.
Knowledge of cybersecurity tools such as Nessus and NMAP including installation procedures, execution of tools, and analysis of tool output.
Current in at least one of the following 8570 IAT Level III certifications: CASP, CISSP, CISA, GCED, GCIH or GSEC.
Experience with any of the following COTS security tools: CORE Impact, SPLUNK, AppScanner, HP Fortify, SwampBox, etc.
Bachelor's degree in a related field is required.
Applicants responding to this position will be subject to a government security investigation and must meet eligibility requirements by currently possessing the ability to view classified government information.
Zachary Fasano at email@example.com
420 Culver Boulevard
Playa Del Rey, CA 90293
Phone: (310) 414-7800 x252 or (800) 927-9318 x252
Candidates responding to this posting must currently possess the eligibility to work in the United States. No third parties please.
Chipton-Ross provides equal employment opportunities to all employees and applicants for employment without regard to race, color, creed, religion, national origin, sex (including pregnancy), age, disability, sexual orientation, gender identity and/or expression, protected veteran status, genetic information, or any other characteristic protected by Federal, State or local law. This policy governs all areas of employment at Chipton-Ross, including recruiting, hiring, training, assignment, promotions, compensation, benefits, discipline, and terminations.