Sr Princpl Cyber Network Analyst (21-327)

Embark on a career putting innovative, reliable, and agile products and ideas into orbit, and beyond. Northrop Grumman has opportunities waiting for you that play a vital role in human space exploration, national defense, and scientific discovery, supporting multiple programs across the universe. With us, you'll discover a culture of curiosity and collaboration that will have you Defining Possible from the day you start. Our space systems connect and protect millions of people on earth every day, now and for the future. Explore your future and launch your career today. At Northrop Grumman we develop cutting-edge technology that preserves freedom and advances human discovery. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We continue to innovate with developments from launching the first commercial flight to space, to discovering the early beginnings of the universe. Our employees are not only part of history, they're making history. The Engineering organization pushes the boundaries of innovation, redefines engineering capabilities, and drives advances in various sciences. Our team is chartered with providing the skills, innovative technologies to develop, design, produce and sustain optimized product lines across the sector while providing a decisive advantage to the warfighter. Come be a part of our mission! Northrop Grumman Space Systems (NGSP) is looking for you to join our team as a Sr. Principal Cyber Network Analyst based out of Schriever Air Force Base, Colorado Springs, CO. What You'll get to Do:

• Provides Defensive Cyber Operations (DCO) planning, execution, and follow-on support for the C2BMC element of the Ballistic Missile Defense System (BMDS).
• Researches, develops, and recommends appropriate cybersecurity countermeasures for networks, systems, and/or applications to support mission assurance across defined key cyber terrain.
• The Cyber Analyst will apply broad DCO technical, operational, and policy expertise in the development of defensive maturity concepts and identifies capability needs that support a robust Protect, Detect, Respond, Recover (PDRR) methodology for C2BMC.
• Additionally, this individual will provide comprehensive expertise in defensive cyberspace operations, research and analysis, as well as capability development with focus on addressing emerging threats.
• Responsible for implementing and enforcing national, DOD (8500.2, 5200.2-R, etc.), and MDA security policies and directives.
• Oversees intrusion detection, boundary protection and vulnerability assessment operations to defend the C2BMC component of the Ballistic Missile Defense Communications Network (BMD COMNET) and C2BMC mission systems and services.
• Develops a network defense visibility display and directs/executes time sensitive adjustments to the network security posture to minimize or counter operational risk.
• The Network Defender will collect, store and present data and metrics for use by senior leaders to conduct Operational Risk Management (ORM) decisions on the network security posture and perform proactive security functions established to assist BMD organizations in deterring, detecting, isolating, containing, and recovering from information system (IS) and network security intrusions and mitigating known network vulnerabilities.
• The Network Defender will operate and administer the BMD provided IA/CND suite, to include firewalls, correlated log analysis, intruder alert and related services to protect BMD COMNET infrastructure and information services from internal and external threats.
• Performs other related duties and assignments as required.
• Position is primarily Mon - Fri, however Candidate may be required to cover shifts determined by mission requirements (Nights or Weekends) to meet operational mission requirements.

• An active Secret clearance is required.
• 9 Years with Bachelor's degree in a related field; 13 years' experience in lieu of a degree.
• Must possess a DoD 8570 certification at IAT Level II or higher (Security+, GSEC, SCNP, SSCP, CISSP, CISA, GSE, SCNA)
• Ability to assist in the evaluation of effectiveness, suitability, survivability and interoperability of systems, relating to cybersecurity and provide key feedback to improve the cybersecurity posture of C2BMC systems
• Ability to advise C2BMC Command Center (CCC) leadership to support the planning and execution of T&E events
• Examine and analyze Cybersecurity architecture, engineering, functionality and interoperability of C2BMC systems Must be able to collaborate with system engineers to ensure Cybersecurity is implemented early in the designing, planning, execution, analysis, and reporting of MDA Test and Evaluation events
• Conduct internal and external systems security assessments and testing utilizing vulnerability scanning tools and penetration testing tools to identify security vulnerabilities in the system architecture
• Analyze security findings/weaknesses and work with system engineers to develop a plan of action and milestones to remediate the findings and revalidate applied fixes
• Ability to research and develop solutions to emerging cyber threats
• Knowledge of cybersecurity, network attack, computer network defense and exploitation concepts, practices, and tools for the administration of all DoD computer systems
• In depth experience with HBSS, ArcSight, Endgame, and CyberArc preferred
• Must be familiar with Windows/Linux based troubleshooting, understand where to locate specific log files for forensics.
• Sound knowledge of and practical experience in the usage of an array of network and information security tools
• Knowledge of modern computer systems, client/server, LAN/WAN and Network concepts, modern network management and monitoring concepts Ability to recognize known worms/viruses based on their signatures
• Ability to recognize network intrusion events and to differentiate false positives
• Ability to recognize successful intrusions and compromises through review and analysis of relevant event logs and other detailed information
• Knowledge of hardware (Routers, CSU/DSU, bridges, multiplexers, servers and switches configuration)
• Previous experience in the monitoring/management of intrusion detection systems and firewall devices, to include SideWinder, ArcSight, HBSS and/or Tripwire
• Experience securing network gear against known vulnerabilities

• Previous experience and sound knowledge of C2BMC System or Missile Defense
• Experience within Department of Defense cyber mission forces and/or cyber protection teams, or incident response / CERT teams
• Python, PHP, Perl, or PowerShell scripting experience a plus
• Knowledge and proficiency in technical writing
• Certified Ethical Hacker certification.
• Unix and/or Microsoft operation system training.
• TS SCI Clearance Desired

• Health Plan
• Savings Plan
• Paid Time Off
• Education Assistance
• Training and Development
• Flexible Work Arrangements