Manager Cyber Intelligence 1

As a leader with Northrop Grumman, you always act with integrity, and the highest ethical standards characterize everything you do. You enable your team to achieve predictable and balanced results, while satisfying the needs of internal and external partners. You treat all people with respect, and you model personal growth and continuous development. You know how to build an inclusive environment that attracts, retains, and inspires a diverse and engaged team. You develop trusted and valued customer relationships and communicate effectively, so that people throughout the organization feel engaged and connected to their work. You deliver excellence, strive for continuous improvement and respond vigorously to change. You ensure that your team has the information and tools needed to perform at their best. You demonstrate our committed pursuit of applying innovation to meet the requirements of our customer. You craft and execute strategies that result in sustainable value creation that delivers measurable results.

The Integrated Cyber Defense team is actively looking for a first line Supervisor / Manager of Cyber Intelligence to lead a team of Computer Network Defense professionals at our Annapolis Junction, MD location.

The Integrated Cyber Defense team conducts analysis of threats to Northrop Grumman's Global Network. The teamprepares for, identifies, contains, eradicates, recovers, and develops 'lessons learned' regarding cyber attacks and malicious activities to our networks and systems.

Typical task assignments include:

  • Assisting all levels of analysts in identifying threats posed to Northrop Grumman's intellectual property, enterprise networks and other areas of risk from a diverse set adversaries through multiple means
  • Development of indicators, custom dashboards, innovative logic/content used in our Security Information and Event Management (SIEM) tool
  • Tracking trends across incidents and events through OSINT and other intelligence means
  • Manage and respond to cybersecurity incidents in compliance with Information Security Policies and Industry Best Practices accurately and quickly
  • Lead, coordinate efforts, and provide timely updates to multiple sectors, multiple cyber teams and business units during incident response
  • Provide security related recommendations to the team as threat events unfold
  • Perform network forensic analysis in support of intrusion detection operations including the development of indicators used to enhance the network security posture
  • Lead a team of cybersecurity professionals working with threat data, writing reports, briefing event details to leadership, and coordinating remediation across multiple Northrop Grumman organizations
  • Ensure technical security improvements are effective, and maintained within configuration management structures
  • Use innovative technology to find efficiencies and process improvement across the cyber domain
  • Provide extended shift coverage occasionally, with minimal travel required
  • Evaluate the potential impact of new threats, exploits and communicate these risks to relevant business units and necessary areas within Northrop Grumman
  • Lead a team of 8+ junior, mid-level, and/or senior level Analysts and Incident Responders
  • Serve as team lead adviser on network defense countermeasures, training, and analysis best practices


Basic Qualifications:

  • Master degree in a STEM discipline with 3 years of IT experience; OR a Bachelor's degree in a STEM discipline with 5 years of IT experience; OR an Associates degree (or other technical degree/diploma) with 7 years of IT experience is required
  • Must have at least 3 years of experience performing cyber incident response or computer network defense activities (example: Intrusion detection, Intrusion prevention, Firewall administration, reverse/ethical hacking, forensic analysis) at the Tier 1, 2, and 3 level
  • Must have experience leading and/or mentoring computer network defense operations professionals
  • Must have experience developing rapid monitoring capability in response to evolving/developing cyber threats
  • Candidates must have a current Secret level security clearance (at a minimum) in order to be considered
  • Must have the ability to obtain, and maintain, a TS/SCI clearance as a condition of continued employment

Preferred Qualifications:

  • The ideal candidate will have a Master's Degree in a STEM discipline, a Management Certification, GIAC Certified Incident Handler (GCIH) or CISSP certification, and5 years of experience in computer network defense/cyber-security, to include engineering, operational field work, program management, and supervisory experience
  • Experience as a team lead adviser on network defense countermeasures, training, and analysis best practices
  • Established government, intelligence community and industry relationships

  • Knowledge of information systems security concepts and technologies; network architecture and tools; general database concepts; document management; hardware and software troubleshooting; intrusion tools; and open source alternatives
  • Experience serving as primary content manager and developer for custom network monitoring solutions
  • Knowledge with Windows and Linux operating systems and common applications
  • Working knowledge of, and experience in, detecting malicious code

  • Operational competence in a variety of cyber applications and data analytics
  • Extensive experience identifying gaps in current network defenses

  • Experience producing/developing recommendations and solutions to gaps in network defenses
  • Experience fusing open source, closed source and operational intelligence

  • Experience in fielding escalated issues during non-standard business hours

  • Experience generating reports, informing peer teams, and senior management of threats

  • Experience effectively identifying and prioritizing incidents including but not limited to reports of system compromise APT, broad based threats, insider threat activities

  • Expert level event log analysis capability

  • Ability to work independently with minimum supervision

  • Ability to work in a fast paced, high profile environment

  • Active TS/SCI clearance desirable

NorthropGrumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit . U.S. Citizenship is required for most positions.

Back to top