Northrop Grumman Corporation
Are you interested in expanding your career through experience and exposure, all the while supporting a mission that seeks to ensure the security of our nation and its allies? If so, then Northrop Grumman may be the place for you. As a leading global security company providing innovative systems, products and solutions to customers worldwide, Northrop Grumman offers an extraordinary portfolio of capabilities and technologies. Here at Northrop Grumman we are comprised of professionals that bring different perspectives, are curious about the world, accepting of each other, and understand that the more ideas, backgrounds, and experiences we bring to our work then the more innovative we can be. As we continue to build our talented workforce we look for professionals that exemplify our core values, leadership characteristics, and approach to innovation.
Roles and Responsibilities:
Cyber Incident Responder well-versed in security operations, cyber security tools, intrusion detection, and secured networks. Serve as an expert responsible for providing network and security operations technical analysis, assessment and recommendations in the areas of real-time security situational awareness, operational network system and applications systems security monitoring.
Hours of Support provided include the following: 7:00 AM - 3:30 PM (EST)
Duties and responsibilities may include, but are not limited to:
* Utilize various security tools (e.g., Splunk, Splunk Enterprise Security, Palo Alto Networks, SourceFire, Cisco ASA) to identify potential incidents, network intrusions, and malware events, etc. to ensure confidentiality, integrity, and availability of VA architecture and information systems are protected
* Track investigations in Help Desk systems including Remedy and Service Now
* Utilization of Splunk ES SIEM to respond to incidents detected on the VA network
* Reviewing and analyzing log files to report any unusual or suspect activities
* Utilize incident response use-case workflows to follow established and repeatable processes for triaging and escalating
* Generating trouble tickets and performing initial validation and triage to determine whether incidents are security events.
* Complete investigations in to identified cyber events and hand over as appropriate
* Following established incident response procedures to ensure proper escalation, analysis and resolution of security incidents
* Develop and maintain Incident Response procedures and Security SOPs.
* Analyzing and correlating incident event data to develop preliminary root cause and corresponding remediation strategy
* Communicate effectively to all customers and stakeholders
* Work with other contract teams to effectively respond to cyber incidents
* Providing technical support for new detection capabilities, recommendations to improve upon existing tools/capabilities to protect the network and High Value Assets
To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below:
* Bachelor's degree and 2 years of experience. Additional 4 years of experience will be accepted in lieu of the degree.
* 2 years of experience with advanced cyber security tools, network topologies, intrusion detection, PKI, and secured networks. Understanding of NIST SP 800-61, US CERT and Office of Management and Budget (OMB) standards. Interpreting and implementing cyber security regulations.
* Certification in one of the following (Security , Network , VA CSP, CISSP, C|EH) or 2 years of additional experience overrides certification requirement.
* Excellent analytical and problem solving skills
* Must be able to obtain a Public Trust clearance (Veterans Affairs High Security Investigation)
Candidates with these desired skills will be given preferential consideration:
* Knowledge in a public health environment.
* Knowledge of VA culture, mission, and IT environment
* Certification in one of the following (Security , Network , VA CSP, CISSP, C|EH)
Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.
About Northrop Grumman Corporation
Northrop Grumman is a provider of autonomous systems, strike, logistics, C4ISR, and cyber solutions for government and commercial customers.