Principal Cyber Intelligence Analyst - R10197839

Join to apply for the Principal Cyber Intelligence Analyst - R10197839 role at Northrop Grumman

2 days ago Be among the first 25 applicants

Join to apply for the Principal Cyber Intelligence Analyst - R10197839 role at Northrop Grumman

RELOCATION ASSISTANCE: No relocation assistance available

CLEARANCE TYPE: SCI

TRAVEL: Yes, 10% of the Time

Description

At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work — and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history.

Northrop Grumman’s Global Cyber Defense (GCD) team is seeking a skilled and motivated cybersecurity professional to fill a hybrid position that supports two GCD organizations – the Cyber Assessment Tiger Team (CATT) and the Intelligence & Response (I&R) team.

The CATT responsibilities include serving as an operations support coordinator to resource multiple simultaneous penetration testing project teams. CATT pen testing and offensive cyber operations span across all NG products and environments, and require complex coordination of parallel assessment and remediation operations, budgetary planning, metrics reporting and resource management. The incumbent will also provide support to the CATT manager, primary Operations Manager, and Section Leads in planning, execution tracking and optimization of engagements and R&D activity. Strong communications and organizational skills are critical, including direct executive engagement, with deep knowledge of OCO/DCO preferred.

The I&R team responsibilities include providing support for a unique cyber mission to provide counterintelligence (CI) and cyber threat protection to Northrop Grumman's intellectual property, networks and sensitive data against a variety of highly skilled adversaries. To accomplish this goal, the I&R team performs daily in-depth analysis of current network threat activity and trends developing in the future, monitors CI portals and liaisons with Defense Industrial Base and government peers to enhance the protection of the Northrop Grumman Managed Network (NGMN). The position requires an experienced problem solver to act as a cyber threat analyst to process, hunt for, and mitigate threat activity as part of a high-performing, high-profile team of cybersecurity and CI professionals.

The candidate will collaborate daily with various GCD team members and analysts, internal stakeholders, external DIB and government partners to coordinate a multi-tiered approach to threat mitigation which will result in the denial of current and future adversary actions. The person chosen for this position will be tasked with identifying and countering sophisticated and varying cybersecurity and cyber threats to Northrop Grumman personnel, assets, and programs.

Roles And Responsibilities

• Adaptability, creativity, a commitment to mission, self-direction, and strong written/verbal communications skills are essential.
• Coordinate Red Team/pen-test engagement schedules, requirements, and deliverables.
• Make use of commercial and custom applications/systems/tools to perform analytical triage of cyber events, host and network-based log analysis, correlation of network indicators and PCAP data, event timeline generation, and root cause analysis.
• Prepare detailed written analyses of events and perform briefings of findings to both technical and non-technical audiences
• Conduct all-source research on cyber threat actors and intrusion sets (e.g., APTs); evaluate technical and intelligence reporting for cyber threat activities of interest.
• Support informational and analytic products designed to increase situational awareness and advanced warning of current and emerging cyber threats and risks; report on underlying patterns of behavior by conducting detailed analysis of incidents, threats and risks and associated impacts and consequences, vulnerabilities, tactics, techniques and procedures (TTP), and other malicious and non-malicious indicators.
• Analyze classified reporting to identify current and emerging threat trends and work with intelligence community partners to produce and offer classified threat intelligence products and briefings to internal and external partners and stakeholders.
  
  

Basic Qualifications

• Bachelor's degree in Cybersecurity/Computer Science/Engineering or related field with 5 years of professional experience OR a Masters Degree with 3 years of professional experience.
• Minimum of 2 years of experience conducting analysis in support of intrusion investigations or cybersecurity operations
• Experience with two or more analysis tools used in a SOC or similar investigative production environment
• Experience and knowledge of performing all-source intelligence analysis of cyber threat actors, threat nations, organizations, and forces
• Experience preparing and analyzing data and figures
• Experience with cyber Red Team and/or cyber penetration testing team operations and processes
• Ability to obtain a Top Secret security clearance
  
  

Preferred Qualifications

• Demonstrated awareness of current endpoint and network exploits, familiarity with computer network exploitation methodologies and tools
• Understanding of network communication protocols at all layers of the OSI model
• Experience working with large data sets and high-performance computing systems
• Experience working with endpoint detection and response technologies
• Familiarity with current cybersecurity threats facing U.S. defense contractors or the U.S. Government
• Experience with cyber threat intelligence methodologies
• Knowledge of USG/DoD Cyber Threat Frameworks and the MITRE ATT&CK framework
• Familiarity with Threat Intelligence Platforms and Threat Information Sharing standards (e.g., MISP)
• Active TS/SCI security clearance
• One or more of the following technical certifications (or equivalent) is preferred:
• GIAC Cyber Threat Intelligence (GCTI)
• GIAC Certified Enterprise Defender (GCED)
• GIAC Certified Incident Handler (GCIH)
• GIAC Certified Intrusion Analyst (GCIA)
• GIAC Certified Forensic Analyst (GCFA)
• GIAC Reverse Engineering Malware (GREM)
• Certified Forensic Computer Examiner (CFCE)
• Other vendor certifications considered (e.g. EnCE, ACE, CCNA, CISSP, etc.)
  
  

Salary Range: $91,200.00 - $136,800.00

The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.

Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.

The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.

Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit http://www.northropgrumman.com/EEO. U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.

• Seniority level
  Mid-Senior level

• Employment type
  Full-time

• Job function
  Other, Information Technology, and Management
• Industries
  Defense and Space Manufacturing

Referrals increase your chances of interviewing at Northrop Grumman by 2x

Maryland, United States $80,000.00-$90,000.00 1 week ago

Suitland, MD $80,000.00-$90,000.00 1 week ago

College Park, MD $75,000.00-$85,000.00 1 week ago

Maryland, United States $64,984.00-$95,059.00 6 days ago

Baltimore, MD $57,677.01-$78,275.94 1 month ago

Baltimore, MD $57,677.01-$78,275.94 1 month ago

Baltimore City County, MD $64,984.00-$95,059.00 1 week ago

Baltimore City County, MD $64,984.00-$95,059.00 1 week ago

Baltimore, MD $64,427.00-$110,756.00 2 weeks ago

Baltimore, MD $74,156.16-$107,114.45 1 month ago

Linthicum, MD $104,000.00-$166,000.00 1 week ago

Laurel, MD $85,000.00-$160,000.00 1 week ago

Fort Meade, MD $78,700.00-$165,200.00 2 days ago

Maryland, United States $64,984.00-$95,059.00 6 days ago

Jessup, MD $79,300.00-$169,500.00 5 days ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.