Northrop Grumman Cyber Network Security Analyst 3/4 in Pensacola, Florida

Do you desire a patriotic role and the chance to defend our nation's cyber infrastructure? Do you enjoy learning about new technologies and how they can be used to provide cutting-edge services to our customers? If so, then look to join the Northrop Grumman Mission Systems team.

The Cyber Network Security Analyst 3/4 position will be located in Pensacola, FL.

Responsibilities of the position include, but aren't limited to, the following:

  • Conduct technical analysis of network traffic to identify anomalies, which may represent potentially malicious activity, and document the analysis in prescribed formats.

  • Monitor and understand emerging threats on open source, defined as those technical vulnerabilities and exploits that could present a threat to government networks, analyze tools and exploits, and document the analysis in prescribed formats.

  • Monitor Intrusion Detection System / Intrusion Prevention System (IDS/IPS) alerts, analyze associated network traffic, and document the analysis in prescribed formats.

  • Report detected incidents to agencies, work toward resolution, and escalate when required according to Standard Operating Procedures (SOPs).

  • Development of IDS/IPS signatures based on indicators and analysis.

  • Testing of IDS/IPS signatures to determine successful detection and level of false positives.

  • Deployment of IDS/IPS signatures based on SOPs.

  • Conduct technical analysis of data from partners, constituents, and monitoring systems to understand the nature of attacks, threats, and vulnerabilities.

  • Assist with the development of mitigation strategies.

  • Coordinate, communicate, and share information with CS&C (CyberSecurity & Communication) and NCCIC (National CyberSecurity & Communications Integration Center) components.

  • Deploy to provide on-site support and assistance in the event of an exercise or cyber incident.

  • Identify and document network-based tactics, techniques, and procedures used by an attacker to gain unauthorized system access.

  • Participate in inter-agency sponsored community of interest analysis groups, and technical briefings and exchanges.

  • Assist with developing and maintaining Standard Operating Procedures.

  • Support the collection and reporting of performance metrics.

This requisition may be filled at a higher grade based on qualifications listed below.

This requisition may be filled at either a level 3 or a level 4 based on the qualifications below.

Basic Qualifications for a Level 3: To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below.

  • Bachelor's Degree in Computer Science or a related technical field plus 5 years of relevant technical experience; or a Master's Degree in Computer Science or a related technical field plus 3 years of relevant technical experience; or an Associate's degree in Computer Science or a related technical field plus 7 years of relevant technical experience; or 9 years of relevant technical experience without a degree.

  • Current, active Top Secret Security Clearance with SCI eligibility. In addition, selected candidate must be able to obtain and maintain a favorably adjudicated Department of Homeland Security (DHS) background investigation (EOD) for continued employment.

  • In-depth understanding of Security Operations Center/Network Operations Center (SOC/NOC) operations.

Basic Qualifications for a Level 4: To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below.

  • Bachelor's Degree in Computer Science or a related technical field plus 9 years of relevant technical experience; or a Master's Degree in Computer Science or a related technical field plus 7 years of relevant technical experience; or an Associate's degree in Computer Science or a related technical field plus 11 years of relevant technical experience; or 13 years of relevant technical experience without a degree.

  • Current, active Top Secret Security Clearance with SCI eligibility is required. In addition, selected candidate must be able to obtain and maintain a favorably adjudicated DHS background investigation (EOD) for continued employment.

  • In-depth understanding of SOC/NOC operations.

Preferred Qualifications for both levels:

Candidates with these preferred skills will be given preferential consideration:

  • Advanced skills in developing IDS signatures and ability to conceptualize IDS signatures from otherwise disparate information.

  • Highly proficient in working with SNORT IDS software.

  • DoD 8570 Level II certification (SANS certifications, CISSP).

  • Experience leading and managing within SOC/NOC operations.

  • Familiarity with Kill Chain for incident response.

  • Familiarity with malware analysis.

  • Familiarity with forensics.

  • Familiarity with incident response products and best practices.

  • Experience with database (e.g. MS Access, SQL) and/or portal administration (e.g. SharePoint).

Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.