[Hiring] Principal Cybersecurity Analyst @Northrop Grumman

Role Description

At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history.

We’re looking for innovators who can help us keep building on our wide portfolio of secure, affordable, integrated, and multi-domain systems and technologies that fuel those missions.

Northrop Grumman’s Corporate Sector's Chief Information & Digital Office (CIDO) is seeking a Principal Cybersecurity Analyst for the Global Cyber Policy (GCP) team.

The ideal candidate will:

• Develop, maintain, and automate policy solutions while applying emerging automation and AI technologies for efficiency and precision.
• Translate internal and external customer guidance and requirements into clear and actionable solutions and artifacts for appropriate internal and external consumers and stakeholders.
• Assist in the implementation of the required government policy (i.e. CMMC, CUI).
• Perform analyses to validate established security requirements and recommend additional security requirements and safeguards.
• Generate options for business leaders to responsibly implement required security controls.
• Develop strategic engagements with government partners to effectively deliver cybersecure tools to servicemembers.

Role Responsibilities:

• Technical Advisory: Provide timely, senior-level security guidance, mentor junior analysts, and influence risk-mitigation strategies across multiple functions.
• CMMC Efficiencies: Lead implementation of technical control frameworks for programs to mitigate risks and continue to enable certification and accreditation of systems.
• Policy Development & Automation: Write, maintain, and own end-to-end policy lifecycle – author, maintain, and programmatically apply procedures; integrate AI for continuous improvement.
• Regulatory Monitoring & Knowledge Sharing: Proactively monitor U.S. government cyber regulations, synthesize updates from conferences and industry events, and disseminate concise briefs to internal stakeholders.
• Governance Participation: Represent GCP in cross-functional committees, aligning security with NG’s strategic objectives.

Qualifications

• Excellent communication, customer service, speaking/writing and organizational skills.
• Ability to work independently and follow projects through to completion.
• Ability to maintain flexibility and prioritize work.
• Strong working knowledge of basic office automation tool suites such as MS Office (Word, Excel, PowerPoint), ServiceNow.

Requirements

• Bachelor’s degree in Computer Science, Political Science, Engineering, Cybersecurity or related field with 5 years of experience; OR a Master’s degree with 3 years of experience; OR a PhD with 1 year of experience.
• Working knowledge of CMMC v2 (Levels 1-3), NIST 800-171/800-172 (All revisions), NIST 800-53, NIST CSF, ISO 27001, and DoD frameworks.
• Experience presenting to Executive Leadership with ability to proactively translate technical findings into clear policy guidance.
• CMMC Certified Professional (CCP) and/or 8140 equivalent.

Preferred Qualifications

• Advanced degree or additional certifications (CMMC Certified Assessor (CCA) and/or 8140 equivalent).
• Direct CMMC contract or FAR/DFARS experience.
• Experience building AI driven risk assessment or automation solutions.
• Experience with NIST and FAR commenting.
• Experience with Contracting, Supply Chain, and technology challenges and solutions.
• Experience with MS PowerPlatform.

Benefits

• Flexible work arrangements.
• Phenomenal learning opportunities.
• Exposure to a wide variety of projects and customers.
• Friendly team environment.
• Exceptional benefits/healthcare.
• 9/80 work schedule.
• Great 401k matching program.