Cyber Incident Analyst Responder 1 - Northrop Grumman Corporation (Fort Meade, Maryland) in Annapolis, Maryland For Sale

Individuals collect and analyze event information and perform threat or target analysis duties. Provides operations for persistent monitoring on a 24/7 basis of all designated networks, enclaves, and systems. Interprets, analyzes, and reports all events and anomalies in accordance with Computer Network directives, including initiating, responding, and reporting discovered events. Manages and executes first-level responses and addresses reported or detected incidents. Reports to and coordinates with external organizations and authorities. Coordinates and distributes directives, vulnerability, and threat advisories to identified consumers. Provides daily summary reports of network events and activities and delivers metric reports. Monitor and analyze DoD data source, analyze reports from CC/S/A/FA and indications and warnings from all partner organizations, detect malicious activity, and develop reports to document findings · Prioritize DODIN incidents, emerging cyber threat activity, or emerging network vulnerabilities for USCYBERCOM leadership and DoD Component situational awareness and/or action · Coordinate network defense operations with DoD CC/S/A/FAs, Intelligence Agencies, LE, US Government organizations; communicate with Industry and Academic entities on network operations/defense activities · Maintain awareness and conduct analysis of USSTRATCOM/USCYBERCOM directives, order, alerts, and messages, and respond to related network operations community questions · Monitor, correlate, detect, and share malicious activity impacting the DODIN as well as adversary tactics, techniques, and procedures (TTPs) and indicators that can be used to detect, monitor, and counter the activity with USCYBERCOM and DoD Components · Utilize USCYBERCOM capabilities in order to monitor, detect, track, and analyze cyber threat activity · Identify potentially malicious activity on the DODIN; coordinate with DoD Components for CND actions, and present consolidated information for leadership awareness · Review incident responses from CC/S/A/FAs for accuracy and clarity; monitor updates from JIMS · Respond to official questions through RFI tools · Monitor and disseminate shared situational awareness of DNDO-related activity via a 24x7 DNDO collaboration/chat portal · Develop, obtain approval of, and maintain accurate USCYBERCOM orders which include TOs, PLANORDs, WARNORDs, and FRAGOs · Monitor, correlate, and analyze all operational reporting received from DoD, Intelligence, and LE sources pertaining to intrusion-related activities · Coordinate and ensure DoD incident handling procedures are adhered to in accordance with (IAW) DoD guidance, regulations, and directives, including Commander Joint Chiefs of Staff Manual (CJCSM) xxxx.01A, 24 June xxxx · Create incident reports, Wikipedia like updates, collaboration/chat tippers and notifications, DoD incident handling database queries, metrics, and trend reports · Participate in command exercises and provide feedback in after action reports · Respond to USCYBERCOM requirements for real world and exercise Contingency Operations (COOP) and National Capital Region (NCR) catastrophic events. This may require Contractor to travel and staff positions outside of routine USCYBERCOM facilities
Click here for more info: https://ngc.taleo.net/careersection/jobdetail.ftl?job=xxxxxxxx&lang=en