Northrop Grumman
Principal Engineer Software - Cyber Security (San Diego CA) - R10222718
Full details on LinkedIn
The complete job description, requirements, and application details are available on the original posting.
About Northrop Grumman
Northrop Grumman Corporation is a prominent global aerospace and defense technology company, established in 1994 through the merger of Northrop Corporation and Grumman Corporation. With a rich history dating back to the early 20th century, the company has its roots in pioneering aviation innovations. Headquartered in California, Northrop Grumman serves military, government, and commercial customers in the United States and over 25 other countries. The company designs, develops, and manufactures advanced systems across various domains, including military aircraft, spacecraft, missiles, and unmanned systems. Notable products include the B-2 Spirit stealth bomber, the Apollo Lunar Module, and a range of drones and reconnaissance platforms. Northrop Grumman also provides integrated solutions in defense electronics, information systems, cybersecurity, and logistics, emphasizing technology integration and modernization support. The company is committed to delivering high-quality solutions to its diverse clientele, including U.S. military branches and international partners.
Security at Northrop Grumman
Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.
Security Philosophy
- Northrop Grumman's AppSec philosophy is centered on the mission to "Secure. Defend." The team emphasizes "fostering DevSecOps best practices and continuous improvement" and focuses on "developing policies for what tests need to be completed and documented." Their approach to penetration testing is described as "not for compliance, it's for making a difference."
Security Team
The AppSec team at Northrop Grumman includes key public-facing leaders such as Travis King (Staff Software Engineer | Application Security). While the exact organizational structure and reporting lines are not publicly available, job postings indicate a focus on DevSecOps integration. Common skill patterns identified include expertise in Jenkins, Nexus, SonarQube, Atlassian suite, and container orchestration (Podman, Kubernetes).
Key Initiatives
Active initiatives include the implementation of "static analysis, code quality gates, and vulnerability scanning within the pipeline using SonarQube." The team is also focused on designing and owning "end‑to‑end CI/CD pipelines for missile program codebases" and identifying "needs for automation, designing and implementing of CI/CD solutions."