
Cyber Intelligence Analyst

Northrop Grumman
Annapolis Junction, MD 20701
Northrop Grumman's Intelligence and Response (I&R) team is tasked with a unique cyber mission to provide counterintelligence (CI) and cyber threat protection to Northrop Grumman's intellectual property, networks and sensitive data against a variety of highly skilled adversaries. To accomplish this goal, the I&R team performs daily in-depth analysis of current network threat activity and developing trends, monitors CI portals, and liaises with Defense Industrial Base and government peers to enhance the protection of the Northrop Grumman Managed Network (NGMN).

Currently, I&R is looking for an experienced and highly motivated problem solver to act as a network forensic analyst and incident responder to process and mitigate threat activity as part of a high-performing, high-profile team of information security and CI professionals. Adaptability, creativity, a commitment to mission, self-direction, and strong written/verbal communications skills are essential. The candidate will collaborate daily with various I&R team members and Strategic CI analysts to coordinate a multi-tiered approach to incident mitigation which will result in the denial of current and future adversary actions. The person chosen for this position will be tasked with identifying and countering sophisticated and varying information security and cyber threats across the NGMN.

Roles and Responsibilities:

Analytical triage and prioritization of concurrent incidents, host- and network-based log analysis, correlation of network indicators and PCAP data, incident timeline generation, and root cause analysis. The incumbent will be required to independently generate customized scripts to facilitate his/her analysis and prepare detailed written analyses of incidents. Additionally, they will often be required to brief their findings to both technical and non-technical senior management audiences.



**Basic Qualifications:**

+ Bachelor's degree in Computer Science/Engineering or related field plus 2 years of cyber threat analysis experience
+ Minimum of 1 year of experience with Python, Perl or other scripting language
+ Minimum of 1 year of experience conducting analysis of log data in support of intrusion analysis or information security operations
+ Experience with two or more analysis tools used in a CIRT or similar investigative environment
+ Able to prepare and analyze data and figures
+ Ability to change physical locations based upon need (including physical ability to travel)
+ Ability to obtain and maintain a DoD Security Clearance

**Preferred Qualifications:**

+ Demonstrated awareness of current endpoint and network exploits, familiarity with computer network exploitation methodologies and tools
+ Understanding of network communication protocols at all layers of the OSI model
+ Experience working with large data sets and high-performance computing systems
+ Experience with cyber threat intelligence methodologies
+ Linux/Unix and Windows proficiency, including shell (Bash, PowerShell) scripting
+ Familiarity with current information security threats facing US defense contractors or the U.S. Government
+ The ability to obtain a TS/SCI clearance
+ One or more of the following technical certifications (or equivalent) is preferred:
    + GIAC Certified Enterprise Defender (GCED)
    + GIAC Certified Incident Handler (GCIH)
    + GIAC Certified Intrusion Analyst (GCIA)
    + GIAC Certified Forensic Analyst (GCFA)
    + GIAC Reverse Engineering Malware (GREM)
    + Certified Forensic Computer Examiner (CFCE)
    + Other vendor certifications considered (e.g. EnCE, ACE, CCNA, CISSP, etc.)

Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.

**Job Category**: Information Technology


Posted: 2020-05-21 Expires: 2020-06-20
