Cyber Incident Analyst Rspndr 3
Individuals collect and analyze event information and perform threat or target analysis duties. Provides operations for persistent monitoring on a 24/7 basis of all designated networks, enclaves, and systems. Interprets, analyzes, and reports all events and anomalies in accordance with Computer Network directives, including initiating, responding, and reporting discovered events. Manages and executes first-level responses and addresses reported or detected incidents. Reports to and coordinates with external organizations and authorities. Coordinates and distributes directives, vulnerability, and threat advisories to identified consumers. Provides daily summary reports of network events and activities and delivers metric reports.
Monitor and analyze DoD data source, analyze reports from CC/S/A/FA and indications and warnings from all partner organizations, detect malicious activity, and develop reports to document findings
Prioritize DODIN incidents, emerging cyber threat activity, or emerging network vulnerabilities for USCYBERCOM leadership and DoD Component situational awareness and/or action
Coordinate network defense operations with DoD CC/S/A/FAs, Intelligence Agencies, LE, US Government organizations; communicate with Industry and Academic entities on network operations/defense activities
Maintain awareness and conduct analysis of USSTRATCOM/USCYBERCOM directives, order, alerts, and messages, and respond to related network operations community questions
Monitor, correlate, detect, and share malicious activity impacting the GIG as well as adversary tactics, techniques, and procedures (TTPs) and indicators that can be used to detect, monitor, and counter the activity with USCYBERCOM and DoD Components
Utilize USCYBERCOM capabilities in order to monitor, detect, track, and analyze cyber threat activity
Identify potentially malicious activity on the DODIN; coordinate with DoD Components for CND actions, and present consolidated information for leadership awareness
Review incident responses from CC/S/A/FAs for accuracy and clarity; monitor updates from JIMS
Respond to official questions through RFI tools
Monitor and disseminate shared situational awareness of DNDO-related activity via a 24x7 DNDO collaboration/chat portal
Develop, obtain approval of, and maintain accurate USCYBERCOM orders which include TOs, PLANORDs, WARNORDs, and FRAGOs
Monitor, correlate, and analyze all operational reporting received from DoD, Intelligence, and LE sources pertaining to intrusion-related activities
Coordinate and ensure DoD incident handling procedures are adhered to in accordance with (IAW) DoD guidance, regulations, and directives, including Commander Joint Chiefs of Staff Manual (CJCSM) 6510.01A, 24 June 2009
Create incident reports, Wikipedia like updates, collaboration/chat tippers and notifications, DoD incident handling database queries, metrics, and trend reports
Participate in command exercises and provide feedback in after action reports
Respond to USCYBERCOM requirements for real world and exercise Contingency Operations (COOP) and National Capital Region (NCR) catastrophic events. This may require Contractor to travel and staff positions outside of routine USCYBERCOM facilities
- Compliant with DOD 8140/8570.01-M Information Assurance Workforce Improvement Program guidelines and have at minimum an Information Assurance Management (IAM)/Information Assurance Technical (IAT) level II certification.
- Bachelor's degree with 5 years of experience. Experience may be accepted in lieu of degree.
Current TS/SCI w/ CI Poly
Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.
Meet Some of Northrop Grumman's Employees
Jacqueline operates on power electronics for Northrop Grumman’s space application projects. She meets with engineering groups, chats with customers, and works on circuit analysis.
Back to top