Sr. Principal Cyber Forensic Specialist
- Augusta, GA
Discover careers that change the world and further advancements in defense, technology, and engineering today at Northrop Grumman. Use your experience to grow your career and support our global customers with the technology, systems, and solutions they need to enable their missions on the front lines and secure our world every day. With Northrop Grumman, you'll discover a culture built on diversity, respect, and above all teamwork. Together with our group of experts across the technical spectrum, you'll discover opportunities to make a difference in our world and start solving some of the world's most critical problems in the most innovative ways.
Do you desire a patriotic role and the chance to defend our nation's Cyber Infrastructure? Do you enjoy learning about new technologies and how they can be used to provide cutting-edge services to our customers? If so, then look to join the Northrop Grumman team. Northrop Grumman is seeking a Sr. Principal Cyber Forensic Specialist to join our team of qualified, diverse individuals. This position will be located in Fort Gordon, GA.
The Cyber Forensic specialist will provide digital media and network forensics using a variety of methods to detect and identify anomalous and/or malicious software. You will coordinate with internal and external mission partners to execute forensic and malware functions, including LE/CI liaison officers, and other intelligence professionals to understand higher-level adversary capability. Analyze collected media to inform and improve DCO capabilities and TTPs. In addition, your support shall include, but is not limited to, the following activities:
- Analyze collected media for DCO value to understand adversary technical capabilities and TTPs/methods of employment.
- Analyze the attack/exploit capability of the software, and document and catalog findings for future correlation.
- Develop and maintain malware analysis artifacts, reports, case notes, and all case-related data, and ensure information is properly stored within the infrastructure. Provide all pertinent findings to personnel responsible for the development of signatures capable of detecting the analyzed malware as it propagates on infected systems.
- Perform dead-box forensic analysis and live forensic/incident handling analysis, as required, to include collection, preservation, and transfer of forensic evidence of unauthorized access to a military/partner network, device, or Information Systems (IS); analyze forensically sound images to identify suspicious/malicious files, all intrusion-related artifacts, and entry points/attack vectors; and develop necessary procedures or scripts to identify such data.
- Perform reverse-engineering on compiled executable code.
- Examine malicious software/capabilities to identify the nature of the threat.
- Reverse-engineer the compiled executable code to examine how the program interacts with its environment.
- Bachelor's degree with a minimum of 9 years of related experience OR Master's degree with a minimum of 7 years of related experience. May consider an additional 4 years of related work experience in lieu of degree (13 years total).
- Demonstrated familiarity with Cyber warfare techniques, methods and processes.
- Experience performing forensic analysis on system drives using Encase or similar forensic tools.
- Experience performing malware analysis.
- Must possess an active DoD 8570 IAT Level II Certification (examples include: CCNA-Security, CySA+, GICSP, Security+ CE, or SSCP)
- Must possess an active DoD 8570 CSSP Analyst Certification (examples include: CEH, CFR, CCNA Cyber Ops, CCNA-Security, GCIA, GCIH, GICSP, or SCYBER)
- Active TS/SCI Clearance with CI Poly. US Citizenship required
- Experience writing and sharing technical summaries and reports to both technical and non-technical audiences