Reference # : 17-05083
Title : Cybersecurity Incident Threat Responder
Location : Morrisville, NC
Position Type : Contract
Experience Level : 3 Years
Start Date / End Date : 11/20/2017 / 11/20/2018
Description
Job Title: Cybersecurity Incident Threat Responder

This position is no longer Contract to Hire, it is now just CONTRACT
US Citizen or Permanent Resident (Green Card)
US Government Client clearance required

Notes: Prefer local candidates for face to face interviews

Northrop Grumman Technology Services sector is seeking a Cybersecurity Incident Threat Responder to join our team of qualified, diverse individuals. This position will be located in Morrisville, NC.

Candidates must be willing to work in a 24x7x365 Cybersecurity Operations Center (CSOC) environment, may be expected to work holidays, and must demonstrate intuitive problem-solving skills and allow for flexible scheduling. Monitor network traffic for security events and perform triage analysis to identify security incidents. Respond to computer security incidents by collecting, analyzing, and preserving digital evidence, and ensure that incidents are recorded and tracked in accordance with CSOC requirements. Work closely with the other teams to assess risk and provide recommendations for improving our security posture.

Job Overview
Respond to Cyber Security Incidents; provide cyber threat analysis and reporting to support SOC and Program's situational awareness.
Actively monitor security threats and risks, provide in-depth incident analysis, evaluate security incidents, and provide proactive threat research.
Support a 24/7/365 Security Operations Center, monitor security tools, and provide first-tier response to security incidents.
Follow standard operating procedures for detecting, classifying, and reporting incidents
Monitor network traffic for security events and perform triage analysis to identify security incidents.
Respond to computer security incidents by collecting, analyzing, and preserving digital evidence, and ensure that incidents are recorded and tracked in accordance with SOC requirements.
Work closely with the other teams to assess risk and provide recommendations for improving our security posture.
The ability to take lead on incident research when appropriate and be able to mentor junior analysts.
Experience managing cases with enterprise SIEM systems like ArcSight, Splunk or Sourcefire.
Recommend changes to Standard Operating Procedures and other similar documentation
Generate end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty.

Basic Qualifications - To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below.
3 years of related experience on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC).
Bachelor's degree in an information technology discipline OR equivalent related work experience (4 years of additional experience can be substituted for a bachelor's degree)
An understanding of Cyber Security Incident Response and Network Security Monitoring
Fundamental understanding of computer networking (TCP/IP)
The ability to take lead on incident research when appropriate and be able to mentor junior analysts.
Experience managing cases with enterprise SIEM systems like ArcSight, Splunk or Sourcefire.
Excellent analytical and problem solving skills
Excellent interpersonal skills to interact with team members, management, and CSOC stakeholders
Self-Starter
Ability to work with little direct supervision
Ability to think outside of the box when the need arises
Candidates must be willing to work in a 24x7x365 CSOC environment
Must be US Citizen as per our contract requirements
Ability to obtain a Position of Public Trust Clearance - Must not have traveled outside of the US for a combined period of 6 months (or longer), Must have resided in the US for the last 5 years
Must be willing to work nights and/or weekends
Position is based in Morrisville, NC and does not offer relocation assistance

Desired Qualifications
Active Certification(s): CompTIA Net+, CompTIA A+, CompTIA Security+, CPTE - Certified Penetration Testing Engineer, CEH - Certified Ethical Hacker
Experience in Cybersecurity Operations Center (CSOC)
Bachelor's Degree