Skip to content

Cyber Software Security Engineer (Level 2 or Level 3)

In Person (Redondo Beach, California, United States of America)
Full Time
$89,400 – $134,200
Register to Apply
Location:
Redondo Beach, California, United States of America

About Northrop Grumman

Northrop Grumman solves the toughest problems in space, aeronautics, defense and cyberspace to meet the ever-evolving needs of our customers worldwide. Our 90,000 employees are Defining Possible every day using science, technology and engineering to create and deliver advanced systems, products and services. Northrop Grumman careers and internships are as varied as your interests, with a lifetime of potential that will allow you to work together with people from many backgrounds, personal passions and disciplines.

Join Northrop Grumman on our continued mission to push the boundaries of possible across land, sea, air, space, and cyberspace. Enjoy a culture where your voice is valued and start contributing to our team of passionate professionals providing real-life solutions to our world’s biggest challenges. We take pride in creating purposeful work and allowing our employees to grow and achieve their goals every day by Defining Possible. With our competitive pay and comprehensive benefits, we have the right opportunities to fit your life and launch your career today.

We are seeking an experienced Cyber Software Security Engineer (Level 2 or Level 3) to join our cybersecurity team of qualified, diverse individuals within our software organization. This role is located in Redondo Beach, CA operating on our 9/80 schedule meaning you will get every other Friday off. The position has No Remote or Hybrid work available.

This is a DevSecOps position in an Agile development environment focused on building security into embedded systems. The Cyber Software Security Engineer will focus on software security assurance activities, such as Static and Dynamic security scanning of code, application layer hardening, ensuring Secure Coding Best Practices are followed, and environment/infrastructure hardening per CM Standards (STIGs).

Candidate will be Working as an independent, technical contributor in an Agile engineering environment, where the Cyber Software Security Engineer will identify and prioritize software security requirements.

Essential Duties:

  • Conduct Static Code Analysis (SCA) using scanning tools (e.g. Fortify, Coverity)

  • Triage and allocate findings as technical debt in the SwDLC backlog

  • Advise software development scrum teams on secure coding practices; conduct security-focused engineering trade studies and other security best practices

  • Conduct system vulnerability scans, remediation and patch management activities on operating systems and various COTS/GOTS applications, including those within virtualized and/or cloud environments.

  • Adjudicating software security tool findings by working with software developers, systems engineers, and other engineering disciplines to resolve technical and programmatic cybersecurity concerns.

  • Collaborate with software development teams to integrate security best practices throughout the software development lifecycle (SDLC)

  • Advocate for the use of DevSecOps methodologies, and ensure security is embedded into the CI/CD pipeline from the start

  • Verify implementation if code quality checks, automated security testing, and coding standards (e.g., OWASP Top 10, SANS, CWE, Etc..).

Basic Qualifications:

  • Level 2 - Bachelor’s Degree in a Science, Technology, Engineering or Mathematics (STEM) discipline from an accredited university with 2 Years experience; OR a master’s degree in a Science, Technology, Engineering or Mathematics (STEM) discipline from an accredited university with 0 Years experience

  • Level 3 - Bachelor’s Degree in a Science, Technology, Engineering or Mathematics (STEM) discipline from an accredited university with 5 Years experience; OR a master’s degree in a Science, Technology, Engineering or Mathematics (STEM) discipline from an accredited university with 3 Years experience; OR a PhD in a Science, Technology, Engineering or Mathematics (STEM) discipline from an accredited university with 1 Years experience

  • A current Active DoD Secret clearance

  • Must be able to obtain and maintain Special Program Access

  • Ability to obtain a IAT Level II (CompTIA Security+) certification within 6 months of hire

  • Experience with Software Test/Development and use of static code analysis tools (Fortify, Coverity)

  • Working knowledge of programming/scripting languages (e.g. C, C++, Python)

  • Experience identifying vulnerabilities, assessing risk, and providing mitigation recommendations

Preferred Qualifications:

  • Minimum 3 years’ experience in the Defense Aerospace Industry

  • Active TS security clearance

  • Current IAT level II (or higher) certification (Security+ CE)

  • Experience working in restricted facilities, and Demonstrated knowledge and experience in the following:

    • Participating in Systems Engineering milestone reviews

    • Experience with Bamboo and/or Jenkins, or similar CI/CD tools

    • Ability to analyze user requirements and derive cyber and performance requirements

    • Ability to debug existing software and correct defects

    • Experience with common pipeline scripting languages

    • Familiarity with the Atlassian tool suite

    • Familiarity with the Agile software development process

    • Experience with networking basics and security principles

    • Familiarity with Systems Engineering processes and milestones

    • understanding of the requirements analysis, decomposition, and allocation process

    • Experience with Risk Management Framework, Security Controls and STIGs

    • Experience conducting Static Code Analysis (SCA) using scanning tools (e.g. Fortify, Coverity)

Register to Apply