Cyber Forensic Specialist

Northrop Grumman - Quantico, VA4.0

Full-timeEstimated: $89,000 - $120,000 a year
Save
EducationSkills
Are you interested in expanding your career through experience and exposure, all while supporting a mission that seeks to ensure the security of our nation and its allies? If so, then Northrop Grumman is the place for you. As a leading global security company, we provide innovative systems, products and solutions to our customers worldwide. We are comprised of diverse professionals that bring different perspectives and ideas, understanding that the more experiences we bring to our work the more innovative we can be. As we continue to build our workforce we look for people that exemplify our core values, leadership characteristics, and approach to innovation.
Northrop Grumman is seeking a Cyber Forensic Analyst to join our team of qualified, diverse individuals in Quantico, VA with a shift scheduled M - F 2pm - 10pm. The qualified applicant will become part of the Advanced Cyber Solutions Operating Unit within the Cyber Division working on the MCNOSC contract and will be responsible for providing cybersecurity solutions to the Marine Corps. The candidate will be a Malware and Forensic (MAF) Analyst reacting to previously identified incidents occurring throughout the MCEN. The selected candidate should be skilled in surface and runtime analysis of malware and be familiar with static analysis techniques. They should be skilled in disk/drive image dissection processes outlined in CJCSM 6510.01B; Information Assurance (IA) and Computer Network Defense (CND) Volume 1 (Incident Handling Program).

Roles and Responsibilities:
Identify file/system artifacts across common Windows operating systems
Log, manage, and track evidence
Document and present investigative findings via detailed analysis reports.
Perform data acquisition/recovery in support of forensic investigations.
Follow, create, modify, and expire Standard Operating Procedures.
Investigate and recommend defensive recommendations to protect the enterprise.
Maintain currency with required certifications and training.
Provide documentation and co-instruct the forensic course.
Perform initial, forensically sound collection of system images and inspect same to discern possible mitigation and remediation of network incidents on the enterprise.
Research new attacks and exploits, and provide recommendations to improve the security posture of the enterprise.

Basic Qualifications:
  • BS degree
  • Two years Computer Network Defense (CND) experience. Four additional years of CND experience will be accepted in lieu of degree.
  • Familiarity with forensic COTS or Open-source technologies in order to detect, collect, preserve, and analyze data stored on laptops, desktops, and servers.
  • An understanding of network and host communications/file systems in order to identify forensic artifacts used to confirm presence/absence, and execution of files.
  • Familiarity with standard computer operating systems, networks, and hardware.
  • 1 IAT Level III Certification (CISA, GCIH, GCED, CISSP, CASP)
  • 1 CNDSP Incident Responder Certification (GCIH, CSIH, CEH, GCFA)
TS/SCI clearance required to start

Preferred Qualifications:
  • Mastery in the collection, preservation or data, and chain of custody process.
  • Experience in the use of EnCase and other forensic tools.
  • Experience with working for the DoD
Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.