Cyber Incident Analyst Rspndr 3

Collects and analyzes event information and performs threat or target analysis duties. Provides operations for persistent monitoring on a 24/7 basis of all designated networks, enclaves, and systems. Interprets, analyzes, and reports all events and anomalies in accordance with Computer Network directives, including initiating, responding, and reporting discovered events. Manages and executes first-level responses and addresses reported or detected incidents. Reports to and coordinates with external organizations and authorities. Coordinates and distributes directives, vulnerability, and threat advisories to identified consumers. Provides daily summary reports of network events and activities and delivers metric reports.

Monitor and analyze DoD data sources, analyze reports from CC/S/A/FAs and indications and warnings from all partner organizations, detect malicious activity, and develop reports to document findings

Prioritize DODIN incidents, emerging cyber threat activity, or emerging network vulnerabilities for USCYBERCOM leadership and DoD Component situational awareness and/or action

Coordinate network defense operations with DoD CC/S/A/FAs, Intelligence Agencies, LE, US Government organizations; communicate with Industry and Academic entities on network operations/defense activities

Maintain awareness and conduct analysis of USSTRATCOM/USCYBERCOM directives, orders, alerts, and messages, and respond to related network operations community questions

Monitor, correlate, detect, and share malicious activity impacting the GIG as well as adversary tactics, techniques, and procedures (TTPs) and indicators that can be used to detect, monitor, and counter the activity with USCYBERCOM and DoD Components

Utilize USCYBERCOM capabilities in order to monitor, detect, track, and analyze cyber threat activity

Identify potentially malicious activity on the DODIN; coordinate with DoD Components for CND actions, and present consolidated information for leadership awareness

Review incident responses from CC/S/A/FAs for accuracy and clarity; monitor updates from JIMS

Respond to official questions through RFI tools

Monitor and disseminate shared situational awareness of DNDO-related activity via a 24x7 DNDO collaboration/chat portal

Develop, obtain approval of, and maintain accurate USCYBERCOM orders which include TOs, PLANORDs, WARNORDs, and FRAGOs

Monitor, correlate, and analyze all operational reporting received from DoD, Intelligence, and LE sources pertaining to intrusion-related activities

Coordinate and ensure DoD incident handling procedures are adhered to in accordance with (IAW) DoD guidance, regulations, and directives, including Commander Joint Chiefs of Staff Manual (CJCSM) 6510.01A, 24 June 2009

Create incident reports, Wikipedia-like updates, collaboration/chat tippers and notifications, DoD incident handling database queries, metrics, and trend reports

Participate in command exercises and provide feedback in after action reports

Respond to USCYBERCOM requirements for real-world and exercise Contingency Operations (COOP) and National Capital Region (NCR) catastrophic events. This may require the Contractor to travel and staff positions outside of routine USCYBERCOM facilities

Basic Qualifications:

  • Must be compliant with DOD 8140/8570.01-M Information Assurance Workforce Improvement Program guidelines and hold, at minimum, an Information Assurance Management (IAM)/Information Assurance Technical (IAT) level II certification.
  • Bachelor's degree with 5 years of experience. Experience may be accepted in lieu of degree.

Current TS/SCI w/ CI Poly

Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.
