Cyber Incident Responder 2
Information Systems
United States-Maryland-Annapolis Junction
US Citizenship Required for this Position
No relocation assistance available
Northrop Grumman Information Systems is seeking a Cyber Incident Responder 2 to work in Annapolis Junction, MD. There will be no relocation assistance for this position.
Northrop Grumman Information Systems, Intelligence and Response (I&R) team, is tasked with a unique cyber counterintelligence (CI) mission to protect Northrop Grumman’s networks and sensitive data against a variety of highly skilled adversaries. The I&R team performs in-depth analysis of current and future threat activity against the Northrop Grumman Global Network (NGGN). Currently I&R is looking for an experienced and highly motivated problem solver to assist senior incident responders in the processing and mitigation of threat actor activity as part of a high performing, high profile team of information security and CI professionals. Adaptability, creativity, a commitment to mission, self-direction, and strong communication skills are essential.
The candidate will collaborate daily with I&R security and CI analysts to coordinate a multi-tiered incident response process tasked with identifying and containing sophisticated information security threats.
Duties will include: triage and prioritization of concurrent incidents, host machine volatile data collection and analysis, correlation of network indicators and pcap data, incident timeline generation and root cause analysis, and generation of scripts and command pipelines to facilitate analysis. The incumbent will prepare detailed written analyses of incidents and will be required to brief findings to both technical and non-technical senior management audiences.
** Occasional (< 10%) extended shift work and travel will be required.
Minimum Skills and Qualifications:
– Bachelor's degree or equivalent in a Computer Science/Engineering related field; or 4 years of experience in lieu of degree;
– Must be a US Citizen and be able to obtain a security clearance;
– 2-3 years of experience in an incident response and network forensic analyst role; experience working on cross-functional or geographically dispersed teams is a plus;
– Minimum 2 years of experience with Perl, Python, or other scripting language in an incident handling environment;
– Minimum 2 years of experience conducting analysis of electronic media, log data, and network devices in support of intrusion analysis or enterprise level information security operations;
– Experience with two or more mainstream analysis tools in a CSIRT or similar investigative environment;
– Excellent communication skills, both oral and written;
– Ability to exercise sound judgment in escalating issues and a demonstrated ability to communicate effectively with all levels of management both orally and in writing;
– Demonstrated awareness of current host and network vulnerabilities and exploits, advanced computer network exploitation methodologies and tools;
– Ability to think creatively about remediation and countermeasures to challenging information security threats;
– One or more of the following technical certifications (or equivalent) required: GIAC Certified Enterprise Defender (GCED); GIAC Certified Incident Handler (GCIH); GIAC Certified Incident Analyst (GCIA); GIAC Certified Forensic Analyst (GCFA); GIAC Reverse Engineering Malware (GREM); Certified Forensic Computer Examiner (CFCE). Additional vendor certifications (e.g., EnCE) highly desired;
– Previous experience performing Red/Blue Team activities a plus;
– Experience with cyber threat intelligence methodologies;
– Linux/Unix and Windows proficiency, including shell scripting;
– Familiarity with current information security threats facing US defense contractors or the US Government.
Northrop Grumman Corporation is a leading global security company whose 75,000 employees provide innovative systems, products, and solutions in aerospace, electronics, information systems and technical services to government and commercial customers worldwide.
Northrop Grumman is an Equal Opportunity Employer committed to hiring and retaining a diverse workforce regardless of age. U.S. Citizenship is required for most positions.