Vacancy expired!
Northrop Grumman Mission Systems is actively recruiting Security Operations Center (SOC) Analysts to support a Cyber Security program in Tampa, FL. You will be working with our experienced SOC Analysts developing processes, procedures, signatures and responses to support Department of Defense Cyber efforts. This provides an environment to grow your expertise and sharpen your skills and knowledge. Our team is always looking for highly motivated individuals with impeccable work ethic and a strong ability to work in a collaborative, dynamic team environment.
We support government cyber test and evaluation environments through the development of virtual environment designs using products such as Microsoft, VMware, Cisco, RedHat, and other enterprise solution products. We need someone who has a willingness to dive deep, experiment rapidly, and get things done: ideally, an analyst who can serve as a Subject Matter Expert (SME) in multiple areas to add value and versatility to our team.
Responsibilities include:
- Perform technical analysis on a wide range of cybersecurity issues
- Document key event details and analytic findings in analysis reports and incident management systems
- Recommend detection and prevention/mitigation signatures and actions as part of a layered defensive strategy leveraging multiple capabilities and data types
- Communicate and collaborate with analysts from other SOC organizations to investigate cyber events
- Monitor and report on trends and activity on network sensor platforms
- Produce and update technical analysis documentation (processes, procedures, analysis criteria, report templates, etc.)
- US Citizenship is required with an active DoD Top Secret/SCI security clearance which was active in the last 24 months
- Must possess or be able to obtain DoD 8570 Certification for IAT Level II or higher within two (2) months of starting
- Six (6) years of related technical experience with a Bachelor's in Science; four (4) years with a Master's; 0 years with a PhD; or 10 years of experience without a degree
- Experience within SOC/NOC teams
- Minimum of 1 year of experience conducting analysis of log data in support of intrusion analysis or information security operations
- Experience with two or more analysis tools used in a CIRT or similar investigative environment
- Detailed knowledge of intrusion detection engines, capabilities and signature formats in general, with a specific focus on Snort/Sourcefire variations and regular expressions (REGEX)
- Familiarity with Kill Chain for incident response
- Familiarity with incident response best practices