Requisition ID: R
Category: Engineering
Location: New Malden - POST-LON, United Kingdom
Citizenship Required: United Kingdom Citizenship
Clearance Type: Security Check (SC)
Telecommute: Yes- May Consider Occasional/Part-Time Teleworking for this position
Travel Required: Yes, 25% of the Time
Positions Available: 1

At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history.

Due to organic growth we have a great opportunity for a Cyber Security Engineer to join our Product Cyber Security (PCS) team in New Malden.This role will work to the PCS Manager and will provide Product Cyber Security expertise in support of historic, current, and future business. The role will be primarily involved with those activities that contribute to the achievement of formal accreditation for products contained within Northrop Grumman's UK Defence portfolio.The successful candidate will work to secure, and accredit, a diverse portfolio of equipment, from radars through to innovative Industrial Control Systems (ICS) and will be responsible for ensuring the generation, design, implementation and verification of Information Assurance and Cyber Security requirements. The candidate will be expected to be hands on, working from abstract requirements through to detailed design and into implementation and test verification.This role sits alongside others being provided by the mechanical and electrical, architecture, and network and communications teams, and offers an excellent opportunity to work with an exciting range of equipment and technologies; excellent technical and communications skills are a pre-requisite. Key Responsibilities
Responsible for achieving accreditation for one, or more, products, in accordance with a JSP440 / HMG requirement;
Creation of document sets (IAMP, RMADS, SyOps etc.) in support of product accreditation;
Generation of policies and procedures in support of product and project security;
Mentoring junior engineers in current and best practice for Information Assurance / Cyber Security;
Support initiatives to embed Information Assurance / Cyber Security culture within specific project teams and throughout the wider company;
Support the Product Cyber Security Manager in discharging their security accountabilities, working across a variety of Information Assurance and Cyber Security related topics;
Communicate complex technical issues and solutions to non-technical stakeholders;
Organise Security Working groups related to assigned products;
Participate in a broad company security awareness program, generating ideas and producing content in order to provide orientation, educational programs, and on-going communication;
Participate in Information Assurance and Cyber Security governance meetings as directed;
Ensure excellent client service;
Build strong and enduring relationships within the company and with our clients;
Be a credible, charismatic and knowledgeable envoy for the role of Information Assurance / Cyber Security within a modern business;
What we are looking for:
A demonstrable track-record of successful Information Assurance / Cyber Security work, preferably in a military domain;
A broad information assurance mind-set, able to assimilate and consider issues from the technical, process and business perspective, supported by a pragmatic attitude to the implementation of security within a defence environment;
A sound understanding of the procedures required to identify, quantify and address vulnerabilities within a product, project and organisation;
Experience of the development and implementation of appropriate risk mitigation plans, policies, processes and technical controls;
Excellent communication skills, both written and oral;
Desirable Experience:
Experience of cyber / technical security within an Industrial Control environment, regardless of Industry Sector;
Able to produce sensible, rational and comprehensible Risk Assessments, including pragmatic risk treatment plans;
Experience with formal accreditation processes, e.g. JSP440, HMG IS1/2;
Experience in the conduct of Vulnerability Testing and reporting;
Formal and relevant qualifications, such as: CISSP, NCSC Certified MSc;
Penetration Testing / Certified Ethical Hacker qualifications;
Knowledge / experience of Maritime Industrial Control Systems;
Varied knowledge of manufacturers equipment's, technology and controls system applications for Industrial Control Systems implementation;
Experience with vulnerability scanning tools such as Nessus;
Requirements management, interface control documents, and writing policy, procedures and instructions
Previous experience of the MOD/CyDR Accreditation Process;
Additional Information:
Looking for flexibility? Talk to us at the application stage about what may be possible.
Clearance requirements: The post-holder must be able hold and maintain UK Government clearances

Northrop Grumman is committed to equality and diversity in our workplace. Northrop Grumman provides equal employment opportunity to all employees and applicants without regard to an individual's protected status, including race/ethnic origin, color, nationality, national origin, ancestry, sex/gender, gender identity/expression, gender reassignment, sexual orientation, marriage/civil partnership, pregnancy/maternity, religion or belief, creed, age, disability, genetic information, or any other protected status or characteristic.