Staff Cyber Protection

Northrop Grumman, Martinsburg, WV 25405

Posted 2 months ago

Are you interested in expanding your career through experience and exposure, all the while supporting a mission that seeks to ensure the security of our nation and its allies? If so, then Northrop Grumman may be the place for you. As a leading global security company providing innovative systems, products and solutions to customers worldwide, Northrop Grumman offers an extraordinary portfolio of capabilities and technologies. Here at Northrop Grumman we are comprised of professionals that bring different perspectives, are curious about the world, accepting of each other, and understand that the more ideas, backgrounds, and experiences we bring to our work then the more innovative we can be. As we continue to build our talented workforce we look for professionals that exemplify our core values, leadership characteristics, and approach to innovation.

Roles and Responsibilities:

  • Lead a team of Cyber Hunt and Threat Analysts (CHTA) determining if an event meets the criteria for additional cyber hunt investigation and/or constitutes a security incident subject to investigation.

  • Understand and provide insight, innovation and expertise that contributes to shaping the security vision of the organization.

  • Ability to apply tactics and techniques from industry best practices and experience with proven security frameworks such as the MITRE ATT&CK Framework and the Cyber Threat Framework (such as the DHS .govCAR program) that will help to contribute to the security vision of the VA.

  • Familiarity with the federal Trusted Internet Connection (TIC) Reference Architecture

  • Strong communication and analytical skills:

o Effectively brief senior management on security assessments and recommendations.

o Create and disseminate summary reports, investigation reports, and threat briefs.

  • Provide overall Subject Matter Expertise for the following technical tools and processes that are included within the responsibilities of a CHTA technical team member.

o Review audit logs and identify any unusual or suspect behavior.

o Provide targeted attack detection and analysis, including the development of custom signatures and log queries and analytics for the identification of targeted attacks.

o Develop and execute custom scripts to identify host-based indicators of compromise.

o Implement new detection capabilities and improve upon existing security tools.

o Determine scope of intrusion identifying the initial point of access or source.

o Recommend remediation activities to secure the source or initial point of access of intrusion.

o Provide cyber threat intelligence collection & correlation in coordination with a cyber-threat team.

o Provide executive level cyber security strategic recommendations along with security engineering recommendations and custom solutions to counter adversarial activity

o Provide advanced technical capabilities, including Big Data Analytics, and Predictive Intelligence.

o Participate as an analyst point of presence during threat intelligence community exchanges.

o Provide proactive APT hunting, incident response support, and advanced analytic capabilities.

o Profile and track APT actors that pose a threat in coordination with threat intelligence support teams.

o Support the incident response process by providing advanced analysis services when requested to include recommending containment and remediation processes, independent analysis of security events, and reporting of identified incidents to Incident Handling (IH).

o Develop analytics to correlate IOCs and maximize threat detection capabilities based off defense analysis processes.

Basic Qualifications:

To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below:

  • Bachelor's degree in Computer Science, Information Systems Management, Engineering or related field and minimum 10 years of experience. Additional 4 years of experience will be accepted in lieu of the degree.

  • 5 years of experience as a Cyber Hunt and Threat Analyst determining if an event meets the criteria for additional cyber hunt investigation and/or constitutes a security incident subject to investigation.

  • Certification in one of the following (Security+, Network+, VA CSP, CISSP, C|EH) or 5 years of additional experience overrides certification requirement.

  • Must be able to obtain a Veterans Affairs High Security Investigation (VA BI)

  • Must be a US Citizen or a Green Card Holder

Preferred Qualifications:

Candidates with these desired skills will be given preferential consideration:

  • Management experience of a technical team

Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.

