Sr. Principal Cyber Protection Northrop Grumman Corporation
Chicago, IL

Job Description

Job Description:

Are you interested in expanding your career through experience and exposure, all the while supporting a mission that seeks to ensure the security of our nation and its allies? If so, then Northrop Grumman may be the place for you. As a leading global security company providing innovative systems, products and solutions to customers worldwide, Northrop Grumman offers an extraordinary portfolio of capabilities and technologies. Here at Northrop Grumman we are comprised of professionals that bring different perspectives, are curious about the world, accepting of each other, and understand that the more ideas, backgrounds, and experiences we bring to our work then the more innovative we can be. As we continue to build our talented workforce we look for professionals that exemplify our core values, leadership characteristics, and approach to innovation.

* Cyber Security Analyst - Digital Media & malware Analyst to provide experience utilizing forensic software and forensic tools to perform computer forensic services such as digital evidence preservation, analysis, data recovery in support of designated cyber security investigations, and documentation
* Conduct forensic evidence collection remotely and on site
* Maintain chain of custody for all digital evidence in accordance with NIST standards
* Ability to install, administer and operate software and network components
* Incorporate input from and provide analysis and recommendations to internal and external clients concerning forensic analysis and corrective actions
* Perform forensics analysis and provide recommendations on cyber intrusions, malware incidents and cyber security related investigations
* Perform forensic process and procedure improvement support based on requirements
* Provide targeted attack detection and analysis, including the development of custom signatures and log queries and analytics for the identification of targeted attacks
* Collect malware artifacts safely for analysis and incident investigations
* Provide in depth malware analysis and reverse engineering (Static Analysis, Dynamic Analysis, Memory Analysis, Code Analysis - Debugging, De-Compiling, Compiling, De-Obfuscating, Assembly)) to determine the nature of unknown or potentially malicious files found during investigations
* Examine suspicious emails for malicious content and recommend remediation action
* Perform URL/ domain analysis to identify and report any malicious indicators associated with the resource and evaluate the associated risk(s), if any, of permitting host access to the specific and/ or requested internet hosted resource and identify malicious files and IOCs to aid investigations and signature creation, and recommend appropriate remediation strategy
* Support the maintenance of malware analysis platforms and toolsets
* Support forensic analysis of digital media in Standalone and Enterprise environment

Basic Qualifications:

To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below:

* Bachelor's degree Computer Science, Information Systems Management, Engineer or related field with a minimum of 9 years of experience. 4 years additional experience may be substituted in lieu of Bachelor's degree.


* 2 years of experience utilizing forensic software and forensic tools to perform computer forensic services such as digital evidence preservation, analysis, data recovery in support of designated cyber security investigations, and documentation


* Certification in one of the following (Security , Network , VA CSP, CISSP, C|EH) or 5 years of additional experience overrides certification requirement


* Must be able to obtain a Veterans Affairs High Security Investigation (VA BI)

Preferred Qualifications:

Candidates with these desired skills will be given preferential consideration:


*
* Knowledge of following analytic tools: Encase, Axiom, FTK, Volatility, IdaPro, OllyDbg, ESXI-VMware, Splunk, FireEye IA, BigFix, Wire Shark, Cuckoo, Remnux


* Knowledge of following OS: Linux, Ubuntu, Windows 7/10, Server 2008, Server 2012, Server 2016


* Familiar with scripting languages/coding


* Knowledge of VA culture, mission, and IT environment

Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.