Weapons and Tactics Incident Response Specialist

Northrop Grumman is looking for a Weapons and Tactics Incident Response Specialist to join our team of qualified, diverse individuals located at San Antonio, Texas.

Motivation is essential when working in an environment that will challenge you, force continuous innovation, and work on solutions that make a difference for our customers! As a Weapons and Tactics Incident Response Specialist you will have the knowledge of: concepts and practices of processing digital information; data backup and restoration; DISA Security Technical Implementation Guides (STIGs); host/network access controls, incident categories, incident responses, and timeliness for responses; basic system, network, and OS hardening techniques; incident response and handling methodologies; Information Assurance principles and tenets (confidentiality, integrity, availability, authentication, non-repudiation); network architecture concepts including topology, protocols, and components; network security architecture, including the application of Defense-In-Depth principles; network traffic analysis methods; OSI model and underlying networking protocols (e.g. TCP/IP); packet-level analysis; relevant laws, legal authorities, restrictions, and regulations pertaining to CND activities; system administration concepts for Unix/Linux and/or Windows operating systems; techniques for detecting host and network based intrusions via intrusion detection technologies; the common networking protocols, services (e.g., web, mail, DNS), and how they interact to provide network communications.

Responsibilities may include:

  • Utilize and support cutting edge cyber tools for the DoD to perform threat assessments by tracking and fixing exploits on information system assets
  • Performing Cybersecurity Incident Response activities and coordinating with other government agencies to record and report incidents
  • Monitor and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation
  • Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information
  • Evaluate firewall change requests and assess organizational risk
  • Communicates alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems
  • Assists with implementation of counter-measures or mitigating controls
  • Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices
  • Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance
  • Prepares incident reports of analysis methodology and results
  • Maintains current knowledge of relevant technology as assigned
  • Participates in special projects as required

Basic Qualifications:

  • GSEC or Security and willing to obtain CISSP
  • Secret clearance and eligible for a TS/SCI
  • Bachelor's degree in Computer Science with 5 years of experience. 4 additional years of experience can be substituted for the degree.
  • Experience with network security tools (e.g., Splunk, Snort, Fidelis, Ida Pro, etc)
  • Knowledge of Windows, Unix, and Linux based operating systems

Preferred Qualifications:


  • Active TS/SCI
  • 2 years of experience as a Cyber Analyst
  • Windows/Unix certifications
  • Knowledge of: binary analysis; data carving tools and techniques; file system implementations; hacking methodologies in Windows or Unix/Linux environment; incident response and handling methodologies; investigative implications of hardware, Operating Systems, and network technologies; network architecture concepts including topology, protocols, and components; operating systems; relevant laws, legal authorities, restrictions, and regulations pertaining to CND activities; system administration concepts for Unix/Linux and/or Windows operating systems

Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.


Meet Some of Northrop Grumman's Employees

Jacqueline T.

Electrical Engineer

Jacqueline operates on power electronics for Northrop Grumman’s space application projects. She meets with engineering groups, chats with customers, and works on circuit analysis.

Jonathan M.

Electronics Engineer

Jonathan works with avionics industry subject matter experts to come up with new feature developments before implementing those ideas in the Northrop Grumman laboratory.

Back to top