The qualified applicant will become part of Northrop Grumman’s JTF-GNO team. Roles and Responsibilities: * Personnel are responsible for reviewing and tracking detected incidents to identify new exploits, threats, mitigation strategies, and enforcing incident reporting standards. Personnel need to be technically familiar with exploits and brief senior leadership on the impact to the DOD system, the method of compromise, and the method of mitigation. * Review reported incidents and identifying correlation with other activity through database queries and through network traffic analysis. * Work effectively with the law enforcement and intelligence components of the JTF-GNO and DOD to exchange information and ideas. Coordinate incident reports, traffic analysis, law enforcement data, and intelligence data to correlate activity and coordinate with DOD organization to analyze new activity and determine whether or not it is an additional incident. * Maintain briefings and brief the JTF-GNO leadership when requested or as necessary. * Develop defensive measures to protect additional DOD assets from being compromised or to detect further compromises. and report other potential compromises to the responsible CERT and documenting pertinent information, including method of attack as well as mitigation strategies at the local and the enterprise level. Minimum Qualifications: To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below: * Bachelors degree + 5 years of experience or 9 years of experience of experience in lieu of a degree. * Experience with UNIX, NT Internet security, and network security technologies required. * Experience with Netflow necessary. * Understanding of relationships between CC / Services / Agencies. * Strong technical writing skills and ability to assemble briefings using PowerPoint. Proficient in MS Office Suite. * An understanding of security measures and ability to work with the security tools to allow for exceptions when DOD missions need to continue in spite of threat. * Position requires a current TS/SCI Clearance Preferred Qualifications: Candidates with these desired skills will be given preferential consideration: * CISSP or related security certification highly desired. * Experience in a Service/Agency/Joint Operations Center a plus. * Experience in CERT environment preferred. An Equal Opportunity Employer, M/F/D/V Security Clearance Required.
Your Direct Source for Government Contracting News