Cyber Incident Analyst 2/3
Individuals collect and analyze event information and performs threat or target analysis duties. Provides operations for persistent monitoring on a 24/7 basis of all designated networks, enclaves, and systems. Interprets, analyzes, and reports all events and anomalies in accordance with Computer Network directives, including initiating, responding, and reporting discovered events. Manages and executes first-level responses and addresses reported or detected incidents. Reports to and coordinates with external organizations and authorities. Coordinates and distributes directives, vulnerability, and threat advisories to identified consumers. Provides daily summary reports of network events and activities and delivers metric reports. Investigate and identify the appropriate mechanisms for preventing and blocking (future) computer use violations. Provide updates to support closure of security policy violations.
This requisition may be filled at a higher grade based on qualifications listed below.
To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below:
- This requisition may be filled at either a level 2 or a level 3. Basic Qualifications for a Cyber Incident Analyst 2 is a Bachelor's Degree with 2 years experience OR 6 years experience in lieu of degree. Basic Qualifications for a Cyber incident Analyst 3 are Bachelor's Degree with 5 years experience OR 9 years experience in lieu of degree.
- 2 years of applicable network experience.
- 1 year of CND experience.
- Must hold a Secret Clearance
- Must have at minimum the Security CE and/or the C|EH certification to start. Both certifications are required 180 days after official start date.
- GCIH is required for this position 180 days from start.
- Basic Packet Analysis experience
- Familiarity with and ability to investigate Intrusion Detection System alerts.
Candidates with these desired skills will be given preferential consideration:
- Knowledge of CND policies, regulations and compliance documents specific to the DoD.
- Familiarity with CJCSM 6510.01A.
- Understanding of functionality and capabilities of computer network defense technologies, to include: Router ACLs, Firewalls, IDS/IPS, Anti-virus, Web Content Filtering.
- Working toward attaining the GCIA certifications within 180 days from start date
Northrop Grumman Corporation is a leading global security company providing innovative systems, products, and solutions in unmanned systems, cyber security, C4ISR, and logistics and modernization to government and commercial customers worldwide.
Northrop Grumman is committed to hiring and retaining a diverse workforce. We are an Equal Opportunity Employer, making decisions without regard to race, color, religion, sex, national origin, age, veteran status, disability, or any other protected class. U.S. Citizenship is required for most positions.
Meet Some of Northrop Grumman's Employees
Jacqueline operates on power electronics for Northrop Grumman’s space application projects. She meets with engineering groups, chats with customers, and works on circuit analysis.
Back to top