Cyber Info Assurance Analyst – Principal / Senior Principal – Security Operations Center (SOC) Analyst

At the heart of Defining Possible is our commitment to missions. In rapidly changing global security environments, Northrop Grumman brings informed insights and software-secure technology to enable strategic planning. We’re looking for innovators who can help us keep building on our wide portfolio of secure, affordable, integrated, and multi-domain systems and technologies that fuel those missions. By joining in our shared mission, we’ll support yours of expanding your personal network and developing skills, whether you are new to the field or an industry thought-leader. At Northrop Grumman, you’ll have the resources, support, and team to do some of the best work of your career. Northrop Grumman Mission Systems is actively seeking an experienced Cyber Info Assurance Analyst to fill a role that requires a broad array of knowledge and skills working with team members to support a Cyber Security program based in Tampa, FL. We’re looking for a highly motivated individual with an impeccable work ethic and a strong ability to work in a collaborative fast-moving dynamic team environment. The primary team is located in Tampa, Florida with distributed team members embedded directly with the customer. Currently, we are looking for an experienced and highly motivated problem solver to act as a network forensic analyst and incident responder to process and mitigate threat activity as part of a high-performing, high-profile team of information security professionals. Adaptability, creativity, a commitment to mission, self-direction, and strong written/verbal communications skills are essential. The candidate will collaborate daily with various team members and analysts to coordinate a multi-tiered approach to incident mitigation which will result in the denial of current and future adversary actions. The person chosen for this position will be tasked with identifying and countering sophisticated and varying information security and cyber threats across multiple networks. In this position you will be responsible for: Analytical triage and prioritization of concurrent incidents, host and network based log analysis, correlation of network indicators and PCAP data, incident timeline generation, and root cause analysis. The incumbent will be required to independently generate customized scripts to facilitate his/her analysis and prepare detailed written analyses of incidents. Additionally, they will often be required to brief their findings to both technical and non-technical senior management audiences.

Qualifications:

Basic Qualifications for Principal Cyber Info Assurance Analyst: 5 Years with Bachelors in Science; 3 Years with Masters; 0 with PhD / NOTE: Four (4) years of additional experience can be substituted in lieu of degree US Citizenship is required with an active DoD Top Secret/SCI security clearance which was active in the last 24 months Must possess or be able to obtain DoD 8570 Certification for IAT Level II or higher within two (2) months of starting Basic Qualifications for Sr. Principal Cyber Info Assurance Analyst: 9 Years with Bachelors in Science; 7 Years with Masters; 4 with PhD / NOTE: Four (4) years of additional experience can be substituted in lieu of degree US Citizenship is required with an active DoD Top Secret/SCI security clearance which was active in the last 24 months Must possess or be able to obtain DoD 8570 Certification for IAT Level II or higher within two (2) months of starting Preferred Qualifications: DoD 8570 Certification for IAT Level III 2 years of cyber threat analysis experience Minimum of 1 year of experience with Python, Perl or other scripting language Minimum of 1 year of experience conducting analysis of log data in support of intrusion analysis or information security operations Experience with two or more analysis tools used in a CIRT or similar investigative environment Able to prepare and analyze data and figures Functional experience working with military service-level security authorities (ex. ISSO, ISSM, SCA, DAA) Recent military experience or familiarity with DOD Previous experience utilizing secure configuration guidance such as DISA STIGs Experience with Assured Compliance Assessment Solution (ACAS), Host Based Security System (HBSS), SolarWinds Log & Event manager (LEM), Splunk, and other enterprise security defense, forensic, and SIEM tools Experience with network security controls such as routers, switches, firewalls, intrusion management solutions, network access control, and related solutions Working knowledge of Linux and Windows operating systems and applications Strong troubleshooting skills Demonstrated success working individually or as part of a team requiring little supervision When required, have the ability to work outside of normal working hours and weekends as needed to support the customer’s needs Strong verbal and written communication skills Must be able to work in a fast-paced environment Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.