Cyber Incident Response Analyst 2 - Industrial Control Systems
Do you desire a patriotic role and the chance to defend our nation’s cyber infrastructure? Do you enjoy learning about new technologies and how they can be used to provide cutting edge services to our customers? If so, then look to join the Northrop Grumman team. The selected applicant will become part of Northrop Grumman’s NEO Horizon program, formerly called United States Computer Emergency Readiness (US-CERT), responsible for analyzing and reducing cyber threats and vulnerabilities, disseminating cyber threat warning information, and coordinating incident response activities. NEO Horizon provides advanced network and digital media analysis expertise and defends against malicious activity targeting networks within the United States and abroad.
The Cyber Incident Response Analyst 2 – Industrial Control Systems position will be located in Arlington, VA.
- Assist the team with threat actor targeting of critical infrastructure.
- Support onsite incident response efforts as an ICS-CERT incident responder.
Basic Qualifications – To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below:
- A Bachelor’s Degree in a related technical field and a minimum of 2 years related technical experience required.
- Active Top Secret Security Clearance is required. In addition, selected candidate must be able to obtain and maintain a favorably adjudicated DHS background investigation for continued employment.
- Experience working incident management.
- Experience developing and/or deploying mitigation techniques for defending either ICS or corporate networks.
- Experience working with classified documents.
Preferred Qualifications – Candidates with these desired skills will be given preferential consideration:
- Active DHS Suitability at the SCI level.
- Qualified as an ICS-CERT incident responder.
- Experience working with a customer service oriented environment.
- Experience working in or with two or more critical infrastructure sector or with a control systems vendor/integrator.
- Proficiency in the foundations of technology and cybersecurity to understand general ICS-CERT concepts.
- Understanding of cybersecurity as it relates to the detection and defense of intrusions on corporate IT and ICSs networks.
- Experience and training in triaging an incident from an initial report to resolution.
- Experience analyzing network topologies for security vulnerabilities.
- Experience in analyzing firewall and system logs.
- Experience analyzing network flow and packet captures.
- An understanding of ICS, network topologies, and deployments and the differences between securing IT systems and real time systems.
- An understanding of the differences or challenges that exist in securing ICS across all 16 sectors.
- An understanding of the tactics, techniques, and procedures of various criminal, insider, hactivist, and nation state threat actors.
- A basic understanding of malware analysis and reverse engineering.
- Understanding of the concepts used in examining hardware level forensic artifacts.
- Experience in at least one of the following tools Mandiant Intelligent Response platform (and supporting tools), Sophia, SiLK, Sourcefire, ArcSight, Palantir, RTIR, Remedy, CSET.
- Experience in at least one programming language such as Python, C, C , C#, Java, ColdFusion, PHP, ASP.net.
- DOD 8570 CND Analysts.
- DOD 8570 IAT Level 3 compliant.
- Certified Digital Media Collector (CDMC), Certified Digital Forensic Examiner (CDFE), Certified Computer Crime Investigator (CCCI), DOD 8570 CND-SP Incident Responder (CND-IR).
Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.
Meet Some of Northrop Grumman's Employees
Enterprise Communications Professional
A’Darien oversees executive and organizational communications within the company in order to ensure all Northrop Grumman employees are kept in the know and are aware of the company’s values.
Back to top