Sr. Principal Cyber Intelligence Analyst

Northrop Grumman · Aerospace · MD +3 · Cyber

Northrop Grumman is seeking a Senior Principal Cyber Intelligence Analyst to provide counterintelligence and cyber threat protection for intellectual property, networks, and sensitive data. The role involves daily analysis of threat activity, trend assessment, monitoring CI portals, and liaising with peers to protect the Northrop Grumman Managed Network (NGMN). Responsibilities include analytical triage, log analysis, correlation of indicators, timeline generation, root cause analysis, and generating customized scripts for analysis. The candidate will also brief findings to senior management.

What you'd actually do

  1. Analytical triage and prioritization of concurrent cyber events, host- and network-based log analysis, correlation of network indicators and PCAP data, event timeline generation, and root cause analysis.
  2. The incumbent will be required to independently generate customized scripts to facilitate his/her analysis and prepare detailed written analyses of events.
  3. Additionally, they will often be required to brief their findings to both technical and non-technical senior management audiences.

Skills

Required

  • Bachelor's in Science or equivalent experience
  • Top Secret security clearance with SCI access and recent Polygraph
  • Ability to prepare and analyze data and figures
  • Experience with two or more analysis tools used in a CIRT or similar investigative environment
  • 4 years of experience conducting analysis of log data in support of intrusion analysis or cybersecurity operations
  • 4 years of experience with Python, Perl or other scripting language

Nice to have

  • Demonstrated awareness of current endpoint and network exploits, familiarity with computer network exploitation methodologies and tools.
  • Understanding of network communication protocols at all layers of the OSI model.
  • Experience working with large data sets, high-performance computing systems, and artificial intelligence (AI) tools.
  • Experience working with endpoint detection and response technologies.
  • Experience with cyber threat intelligence methodologies.
  • Linux/Unix and Windows proficiency, including shell (Bash, PowerShell) scripting.
  • Familiarity with current information security threats facing U.S. defense contractors or the U.S. Government.
  • GIAC Certified Enterprise Defender (GCED), GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Forensic Analyst (GCFA), GIAC Reverse Engineering Malware (GREM), Certified Forensic Computer Examiner (CFCE)
  • Other vendor certifications considered (e.g., EnCE, ACE, CCNA, CISSP, etc.).

What the JD emphasized

  • current U.S. Government Top Secret level security clearance, to include SCI access and a recent Polygraph
  • 4 years of experience conducting analysis of log data in support of intrusion analysis or cybersecurity operations
  • 4 years of experience with Python, Perl or other scripting language