Cyber Intelligence Analyst

2 weeks ago


United Kingdom Home Based Northrop Grumman Full time

Part of Northrop Grumman's Intelligence and Response (I&R) team, this role is a member of a small team that delivers computer network defence support in the UK, providing day-to-day security monitoring operations and services protecting NG's computing infrastructure from sophisticated threats and strategically positioning the infrastructure to defend against the threats of tomorrow. This position balances constantly shifting and competing priorities to respond to the fluid nature of the global cyber threat landscape.

The I&R team is currently looking for an analyst with proven SOC experience. The analyst must be a highly motivated problem solver to act as a network forensic analyst and incident responder in the United Kingdom. They must be able to process and mitigate cyber threat actor activity. The analyst will participate as a junior member of a high-performing, high-profile team of information security and CI professionals. Adaptability, creativity, a commitment to mission, self-direction, and strong written/verbal communication skills are essential.

Key responsibilities

  • Perform analytical duties to include security monitoring, host and network based log analysis, correlation of network threat indicators and PCAP data, analytical triage, incident response (both intrusion and privacy related)
  • Have knowledge of and be able to define and recommend security policy changes to security devices such as firewalls, proxies, email gateways, Intrusion Detection/Prevention Systems, end-point application whitelisting and anti-virus solutions, and Data Loss Prevention solutions
  • Undertake network forensic duties including:
      • host- and network-based log analysis
      • correlation of network threat indicators and PCAP data
      • analytical triage and prioritisation of concurrent incidents
      • incident timeline generation
      • root cause analysis and remediation
      • independent generation of customized scripts to facilitate analysis and preparation of detailed written reports
  • Perform host-based cyber forensics investigations (including live memory and system image acquisition, maintaining chain-of-custody, producing investigative reports) in support of data recovery, Incident Response, HR/Ethics employee investigations, Insider Threat investigations, and Legal/litigation cases as needed
  • Collaborate with I&R and Strategic Counterintelligence (CI) analysts worldwide to co-ordinate a multi-tiered approach to cyber threat mitigation and tracking of trends which will result in the denial of current and future adversary actions
  • Perform malware analysis to determine and mitigate against adversary tactics, techniques, and procedures, and undertake or assist with reverse engineering of adversary tools
  • Execute cyber-threat hunting, vulnerability scanning, and penetration testing (as needed)
  • Generate custom scripting and coding to facilitate effective processing of cyber threat related indicators and data
  • Carry out cyber-threat intelligence and counter-intelligence missions as a key component of the analytic role, including Cyber Kill Chain reconstruction, identification/analysis/mitigation of adversary infrastructure and avenues of approach, and research on adversary attribution and intentions
  • Conduct cyber-threat trend analysis and reporting, and devise pro-active mitigations to reduce risk
  • Provide security consulting and briefing support to company leadership in the areas of policy, cyber threats, cyber exercises, network security infrastructure/products
  • Assist in security architecture planning, design and testing of new technologies and capabilities to optimise security posture and cost effectiveness as needed
  • Assist in cyber security-related business development efforts, to include program capture efforts, proposal strategy and planning, resource assessments, and direct-charge program SOC support as needed
  • Establish and maintain positive working relationships with corporate network security stakeholders in EMEA and the U.S., as well as U.K. government/defence points of contact as necessary
  • Produce high-quality written threat activity highlights and monthly summary reports to be incorporated into summaries for highest level corporate leadership dissemination
  • Support production of cyber-threat educational material for employees.

Person Specification

Essential Qualifications/Experience

  • CSOC experience
  • Experience in the analysis of network communication protocols at all layers of the OSI model
  • Experience in an analytical role focused primarily on network forensic analysis
  • Evidenced experience of conducting analysis of electronic media, log data, and network devices in support of intrusion analysis or enterprise level information security operations
  • Track record of using two or more enterprise level perimeter or endpoint security products
  • Experience of large data sets and high-performance computing systems in a high threat environment
  • Experienced in applying and developing cyber threat intelligence methodologies

Competency/Skill requirements

  • Adept at two or more analysis and forensic tools used in a CSIRT or similar investigative environment
  • Substantial awareness of current host and network vulnerabilities and exploits, and of advanced computer network exploitation methodologies and tools
  • Broad knowledge of current and evolving Information Technology and Information Security practices
  • Linux/Unix and Windows proficiency, including shell (bash, powershell, etc.) scripting
  • An advanced user of Perl, Python, or other scripting languages preferred
  • Able to exercise sound judgment when escalating issues
  • A creative thinker, particularly around remediation and countermeasures to challenging information security threats
  • Self-motivated, able to work autonomously and collaboratively as part of a wider, virtual team
  • Excellent interpersonal skills, able to engage effectively with a wide range of stakeholders and customers
  • Fluent in written and spoken English
  • Strong analytical skills, adept at trouble-shooting and problem-solving, with excellent attention to detail
  • Flexible and responsive attitude
  • Highly-organised and proficient at multi-tasking, working with and resolving competing priorities
  • Strong customer orientation

Other requirements

  • Travel requirements: Occasional travel required (less than 10%), mainly in the UK to attend meetings and conferences, with a requirement from time-to-time to travel to the US. Valid UK passport.
  • Clearance requirements: The post-holder must be able to hold and maintain UK SC Government clearance


Northrop Grumman is committed to hiring and retaining a diverse workforce, and encourages individuals from all backgrounds and all abilities to apply and consider becoming a part of our diverse and inclusive workforce.



