Key Facts

Remote From:

Full time

Senior (5-10 years)

English

Hard Skills

Vulnerability Management Application Security Cloud Computing Custom Scripting Cyber Security Container Security Vulnerability Assessments Remediation Systems Technical Audit Cloud Security Applications Data Architecture Project Implementation

Other Skills

•
Teamwork
•
Communication
•
Problem Solving

Roles & Responsibilities

Bachelor's degree with 8+ years (or Master's with 6+ years) of relevant cybersecurity experience
Hands-on experience in vulnerability management and application security with ability to assess and prioritize findings
Proficiency in building/automating technical workflows using scripting (Python preferred) and integrating vulnerability signals into CI/CD/engineering workflows
Experience with cloud security (AWS and/or Azure) and knowledge of security controls and compliance frameworks (NIST, CIS, FedRAMP) with ability to apply requirements in practical engineering contexts

Requirements:

Contribute to the design, implementation, and operation of vulnerability and exposure management capabilities to reduce real exploit risk and maintain compliance
Build and enhance automation and workflows that ingest, normalize, and prioritize vulnerability signals across multiple sources; develop engineer-facing dashboards and integrations to help teams understand and act on vulnerability risk
Work with product and engineering teams to assess vulnerability findings, explain exploitability and impact, and support remediation or mitigation approaches; embed vulnerability signals into CI/CD/backlogs to improve visibility and adoption
Execute technical projects that improve vulnerability visibility, prioritization, and risk reduction; support compliance assessments by validating technical evidence and remediation outcomes

Northrop Grumman

Mechanical or Industrial Engineering

About Northrop Grumman

We are a close-knit community of big thinkers collaborating to keep the world safe. Our passion, creativity and expertise bring next-level technology solutions to life in autonomous systems, cyber, C4ISR, strike, space, and logistics and modernization for our customers around the globe. On the Northrop Grumman team, you’ll join our pursuit of excellence immersed in a dynamic culture of innovation and respect. Your unique perspective will help achieve our shared vision for the future of global security. Every step of the way, you'll be supported by world-class training, employee resource groups and a comprehensive benefits package that enables greater health and happiness for you and your family. Worldwide and across disciplines, we’re challenging what’s possible for technology to protect people and places from undersea to outer space and into cyberspace. And we see the impact of our performance every day. We are Northrop Grumman, and we work on what matters—now, you too can make a difference. Explore opportunities in engineering, IT, manufacturing, business management, cybersecurity and more at careers.northropgrumman.com. Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA statement, please visit www.northropgrumman.com/EEO. U. S. citizenship is required for most positions. Our careers site can be found at northropgrumman.com/careers/. If you are contacted by someone about a job at Northrop Grumman, please verify the opportunity on our Careers site before engaging with that contact. We only schedule interviews with qualified candidates who have applied to a job posting through our Careers site.

Company type: Large

Industry: Mechanical or Industrial Engineering

Founded: 2018

Company size: 10001

Website LinkedIn See all jobs →

Job description

RELOCATION ASSISTANCE: No relocation assistance available

CLEARANCE REQUIRED FOR START: No

CLEARANCE TYPE: None

TRAVEL: Yes, 10% of the Time

Description

At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work — and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history.

Northrop Grumman is seeking a technically‑savvy Vulnerability Management Engineer to design, implement, and operate our vulnerability and exposure management capabilities. The role will focus on reducing real exploit risk by building automation, integrating security signals into engineering workflows, and shifting compliance to audit ready state. This role is 100% virtual/work from home. This could change depending upon business conditions.

What You Will Do

Contribute to the design, implementation, and operation of Northrop Grumman’s vulnerability and exposure management capabilities, with a focus on reducing real exploit risk and maintaining compliance.
Build and enhance automation and workflows that ingest, normalize, and prioritize vulnerability signals across multiple sources.
Develop and improve engineer‑facing dashboards and integrations that help teams understand and act on vulnerability risk.
Work with product and engineering teams to assess vulnerability findings, explain exploitability and impact, and support practical remediation or mitigation approaches.
Help embed vulnerability signals into existing engineering workflows (CI/CD, PRs, backlogs) to improve visibility and adoption.
Support validation of remediation efforts to ensure exposure is meaningfully reduced.
Assist in translating compliance and control requirements into scalable technical implementations.
Support CMMC and other assessments by validating technical evidence and remediation outcomes.
Execute technical projects that improve vulnerability visibility, prioritization, and risk reduction.
Contribute to improving processes, tooling, and automation within the vulnerability management program.

Basic Qualifications:

Must have, at minimum, a Bachelors Degree with 8 years of relevant Cybersecurity experience OR a Masters Degree with 6 years of relevant Cybersecurity experience.
Must have solid technical experience in vulnerability management and application security, with hands‑on exposure to assessing and prioritizing vulnerability findings.
Must have demonstrated ability to build or automate technical workflows using scripting with programming languages. Python preferred.
Must have experience working with application, cloud, or container security in AWS and/or Azure environments.
Must have working knowledge of security controls and compliance frameworks (e.g., NIST, CIS, FedRAMP), with the ability to apply requirements in practical engineering contexts.
Ability to reason about exploitability, exposure, and impact beyond severity scores.
Experience collaborating with engineering teams to support remediation efforts.
Clear communication skills and ability to explain technical risks to varied audiences.
Ability to operate effectively in fast‑paced environments with evolving priorities.
Foundational understanding of how vulnerability management fits within broader security and engineering functions.
Experience with commercial security tooling and ability to interpret tool outputs critically.

Preferred Qualifications:

Experience building custom scripts, automations, or lightweight data pipelines to improve vulnerability visibility or prioritization.
Exposure to highly regulated environments (e.g., DoD, FedRAMP Moderate/High) and participation in technical audit preparation.
Experience integrating vulnerability tooling into CI/CD pipelines or engineering workflows.
Familiarity with cloud security platforms or security data tooling.
Experience using AI‑assisted development tools to accelerate security automation or analysis.

Primary Level Salary Range: $142,200.00 - $213,200.00

The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.

Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.

The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.

Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit http://www.northropgrumman.com/EEO. U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.

Ready to apply?

APPLY

Share ·