Northrop Grumman Sr Principal Cyber Incident Response Analyst / Active DoD Top Secret in Miami, Florida
Discover careers that change the world and further advancements in defense, technology, and engineering today at Northrop Grumman. Use your experience to grow your career and support our global customers with the technology, systems, and solutions they need to enable their missions on the front lines and secure our world every day. With Northrop Grumman, you'll discover a culture built on diversity, respect, and above all teamwork. Together with our group of experts across the technical spectrum, you'll discover opportunities to make a difference in our world and start solving some of the world's most critical problems in the most innovative ways.
The Northrop Grumman Defense Systems sector is currently hiring experienced Senior Cyber Incident Response Analysts for the USSOUTHCOM program. These positions are located in Doral, FL (Miami, FL area).
Role & Responsibilities:
In this role, you will:
Collect and analyze event information and perform threat or target analysis duties.
Provide operations for persistent monitoring on a 24/7 basis of all designated networks, enclaves, and systems.
Interpret, analyze, and report all events and anomalies in accordance with Computer Network directives, including initiating, responding, and reporting discovered events.
Manage and execute first-level responses and address reported or detected incidents.
Report to and coordinate with external organizations and authorities.
Coordinate and distribute directives, vulnerability, and threat advisories to identified consumers.
Provide daily summary reports of network events and activities and deliver metric reports.
Make recommendations on new solutions to improve cyber defense and IT performance issues with legacy assigned Government IT systems.
Deploy improved DCO capabilities, including new user interfaces/dashboards to minimize training time and improve responsiveness to threats and anomalies.
Maintain smooth operation of multi-user computer systems, including coordination with network administrators.
Administer and manage cyber defense tool suites (for example, Host Base Security Suite, SIEM and IDS/IPS).
Support customers in complying with directives.
Develop signatures and policies to mitigate new threats.
Support cyber incident analyst identification of compromise and mitigation actions.
Develop and update SOPs for cyber defense systems.
Provide engineering support to facilitate centralized monitoring and active defense back at SAFB, in collaboration and in alignment with the Government cyber defense strategy.
Develop requirements with supported SOPs in order to present an optimized, data-centric, and layered cyber defense approach, which facilitates continuous DCO monitoring, active defense, and incident response on all supported systems.
Interact with users and evaluate vendor products. Make recommendations to purchase hardware and software, coordinate installation, and provide backup recovery.
Develop and monitor policies and standards for allocation related to the use of computing resources.
Ancillary duties may include setting up administrator and service accounts, maintaining system documentation, tuning system performance, installing system wide software and allocating mass storage space.
Provide recommendations for monitoring and improving cyber defense operations for each assigned Government IT system.
Comply with applicable program security requirements as stated in the task order.
Implement and adhere to security policies and classifications of the networks in accordance with the applicable Defense Information Systems Agency (DISA) and DoD classification guides.
Storage and reporting of information shall be in accordance with the classification guides.
Develop products including Tactics, Techniques, and Procedures (TTP), checklists, Best Practices, Handbooks, Workbooks, and other materials to include identifying information to be monitored; systems/software to provide monitoring capabilities; and recommended actions to implement similar capabilities across the enterprise.
Ensure solutions are consistent with organization objectives.
Job Category: Information Technology