Web Security Analyst
Northrop Grumman is seeking a motivated professional to join our Team as a Web Security Analyst. This position is located in Quantico, VA. The Web Security Analyst will support the Senior Cyber Security Manager within DSS Cyber Network Defense (CND) unit. Performs web security services and continually assess and implement mitigations to improve the cyber security posture for DSS public facing web applications. Manage DSS internet access and identify unauthorized wireless devices. The successful candidate will possess and apply a comprehensive knowledge across key tasks and high impact assignments. Plan and lead major technology assignments. Evaluate performance results and recommends major changes affecting program success.
Roles and Responsibilities
- Develop SOPs for web security
- Conduct lifecycle web penetration testing and provide assessments that identify security issues and known/unknown vulnerabilities.
- Conduct research in open source information and other sources to identify potential vulnerabilities and threats impacting DSS web applications.
- Conduct web vulnerability assessments, identify vulnerabilities, and provide recommendations to improve web devices security posture.
- Develop plans and conduct external network exploitation and penetration testing.
- Analyze web traffic; prevent, detect, and protect against threats.
- Configure and administer Web Gateway; provide advanced expertise to maximize the capabilities of the Web Gateway content filtering and monitor and control access to prohibited web sites in accordance with DSS policy and DOD mandates.
- Develop and enforce web access policies in accordance with DOD and DSS directives.
- Configure, implement, and maintain an approved wireless scanning capability.
- Conduct quarterly wireless scanning and identify rouge systems that are not approved by DOD or DSS.
- Minimum of 5 years of Cyber Security experience with a Bachelor's degree in a technical specialty: cyber security, computer science, or similar field. May accept four (4) additional years of experience in lieu of a degree.
- At least three (3) years of experience working Vulnerability Management in a DoD environment
- At least three (3) years of relevant experience working with a combination of ACAS, SRG, CCRI, FIPS, STIGs, IAVMs
- Experience with Cyber security policies, operations, and reporting requirements.
- Experience with web assessments and vulnerabilities identification.
- Experience with web scanning capabilities.
- IAT-I, II or III IA Baseline Certification (SEC , CISSP preferred)
- CND IA Auditor Baseline Certification: (CEH, CISA, GSNA)
- Computing Environment or OS Certificate
- Possess active/current TS/SCI clearance
- Security CE certification
- CEH certification
- CCNA certification
- ITIL v3 certification
- Experience with Web Gateway security solution.
- Knowledge of web application vulnerabilities.
- Knowledge of DoD web access policies.
- Network Pen Testing experience.
- Familiar with any of the following: Akamai, Splunk, Cisco, McAfee, SCAP, ACAST, F5
Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.
Meet Some of Northrop Grumman's Employees
Jacqueline operates on power electronics for Northrop Grumman’s space application projects. She meets with engineering groups, chats with customers, and works on circuit analysis.
Back to top