Staff Cyber Planner

At Northrop Grumman we develop cutting-edge technology that preserves freedom and advances human discovery. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We continue to innovate with developments from launching the first commercial flight to space, to discovering the early beginnings of the universe. Our employees are not only part of history, they're making history. The Engineering & Sciences (E&S) organization pushes the boundaries of innovation, redefines engineering capabilities, and drives advances in various sciences. Our team is chartered with providing the skills, innovative technologies to develop, design, produce and sustain optimized product lines across the sector while providing a decisive advantage to the warfighter. Come be a part of our mission! Northrop Grumman is seeking a creative, skilled, and motivated Cyber Planner to lead a multi-team effort based out of San Antonio, TX. The role is focused on understanding DoD Cyber Security, Cyber Resiliency, and Cyber Survivability requirements and conveying approaches to those requirements to System Architects/Engineers for implementation in Northrop Grumman's systems, products & services. The Cyber Planner establishes plans for DT/OT test events as dictated by DoD Acquisition milestones. The team will conduct full-scope vulnerability assessment, exploit development, and penetration testing against mission critical weapon systems and platforms. This positon is located in San Antonio, TX with regular travel (up to 30%).

• Plan, lead, and coordinate the efforts of multiple teams to conduct CTT phases 1-6
• Coordinate with other organizational initiatives to ensure policies, process, and procedures continue to align with evolving customer requirements
• Manage the recruitment, training, assignment, and assessment of up to fifteen personnel
• Conduct briefings and engage with Senior Customer and Northrop Grumman Leaders
• Assist Business Development in the showcasing of team capabilities to grow the business
• Lead Cyber Security, Cyber Resiliency, and Cyber Survivability aspects of internal and external capture and proposal efforts.
• Conduct special studies and analysis on operational cyber utility, technical feasibility and investment value, as well as integration of highly classified capabilities, evaluating system operational capabilities/trends and addressing operational needs and capability shortfalls as related to fielding needed capability for the DoD.
• Analyze the full range of Joint Capabilities Integration and Development System (JCIDS) products such as Initial Capability Documents (ICD), Capability Development Documents (CDD), Capability Production Documents (CPD), and other related documents and processes to include Enabling Concepts of Employment, Analyses of Alternatives (AoA), and other test and evaluation documents that may support acquisition decisions as required.
• Access, analyze, and document cyber systems requirements.
• Determining trade space for new capabilities to meet DoD requirements.
• Lead requirement development and definition activities throughout the acquisition life cycle
• Support coordination and interface of classified programs by developing and documenting operational requirements and concepts of operation, providing written comments on program documentation.
• Performs requirements analysis for the cyber survivability of specific DoD weapons systems. Consults with DoD and NG program customers to evaluate requirements and translate operations capability requirements to technical solutions. Interprets cyber survivability requirements and works with architects and engineers to translate cyber survivability performance requirements and cyber resilience specified attributes into an architecture appropriate to the type of weapon/mission system. Works with team to understand the requirements for countering a specified cyber adversary threat tier (ATT).
• Oversee the development of a Six Phase Cybersecurity Test Plan, based on repeatable processes and template artifacts

• Bachelor's degree in Software Development, Computer Engineering, Computer Science, Information Security, or other similar STEM related degree with minimum fourteen (14) years of relevant experience (military, defense industry, cyber security); higher academic degrees can be substituted for some experience or 18 years of professional experience in leiu of a degree
• Current Cybersecurity Certification meeting the DoDD 8570 IAT Level 2 Requirement (i.e., Security+ and/or GSEC)
• Ability to collaboratively lead technical efforts across a diverse team including multiple NGC sectors, subcontractors, and the government customer
• Ability to develop use cases and interpret cyber capability requirements in a mission critical operational environment and to develop plans/roadmaps to implement those requirements
• Experience conduction penetration testing or vulnerability research
• Ability to obtain and maintain a DoD Top Secret/SCI with SSBI clearance.

• MS degree in Software Development, Computer Engineering, Computer Science, Information Security, Information Assurance, or other similar STEM related degree
• Ten (10) years of experience and domain knowledge of cyber defense operations and/or cyber capability requirements
• Minimum five (5) years of experience and domain knowledge of cyber defense operations and/or cyber capability requirements
• Ability to interpret and translate customer requirements into operational capabilities
• Current Cybersecurity Certification meeting the DoDD 8570 IAT Level 3 Requirement (i.e., Certified Ethical Hacker (CEH) or CISSP)
• Experience with all aspects of identifying vulnerabilities and developing exploits in avionics, weapon systems, and embedded systems
• Understands DoD Acquisition organizations and processes
• Demonstrated DoD Programmatic and Budget Experience
• Knowledge of DoD Cyber Survivability joint requirements mechanisms, including CSRCs, ATT, CSAs, and KPPs
• Knowledge of USG/DoD Cyber Threat Frameworks, to include the NSA/CSS Technical Cyber Threat Framework v2 (NTCTFv2) and the MITRE ATT&CK (Adversarial Tactics Techniques and Common Knowledge) framework
• Knowledge of CNSS cyber security standards, NIST CSF and RMF, DOD RMF requirements and processes, and Cyber Resilience concepts
• Knowledge of and experience with agile design and delivery techniques (e.g. DevOps, DevSecOps)
• Experience conducting full-scope assessments and penetration tests including: social engineering, server & client-side attacks, protocol subversion, physical access restrictions, and web application exploitation
• In depth understanding of layer 2-7 communication protocols, common encoding, and encryption schemes and algorithms
• Understanding of and experience either executing or defending against complex, targeted cyber threats to high-value systems and data
• Demonstrated technical leadership ability as Chief Engineer, Lead Engineer, or comparable experience
• Active Top Secret/SCI access with an SSBI completed within the past 4 years, is highly desirable

• Health Plan
• Savings Plan
• Paid Time Off
• Education Assistance
• Training and Development
• Flexible Work Arrangements