Orbital ATK Cybersecurity Engineer and Forensic Analyst in Promontory, United States

Cybersecurity Engineer and Forensic Analyst

Multiple Locations: Promontory, UT; Dulles, VA; Chandler, AZ; Minnetonka, MN

Categories: Information Technology


Job Description

Job ID: JV20181605-45729

With projected annual revenues of $4.5 billion, approximately 12,500 employees, and operations in about 20 states, Orbital ATK is a company on the move. Our mission is to ensure that our customers accomplish their mission - whether it's a technological breakthrough, a satellite launch, or protecting our nation. The company is the world's leading supplier of solid rocket motors, a leading provider of launch vehicles, satellites and other space systems, and the nation's largest manufacturer of ammunition.

Orbital ATK is currently seeking an experienced Cybersecurity Engineer and Forensic Analyst to join our Cyber Security team in our Promontory, UT, Minnetonka, MN, Dulles, VA or Chandler, AZ offices.

Role description & Responsibilities:

Design cyber security operations and assist with all types of cyber investigations and response. Identify and recommend use cases and monitoring solutions for cyber security activities. Assist with the acquisition, vetting, and validation of cyber threat intelligence from various internal/external sources, and integrate it within security platforms. Perform continual monitoring and analysis of emerging threats and events. Escalate non-routine observations to more senior analysts. Conduct awareness training and enforce policies. Review and respond to log-based data, both in raw form and utilizing SIEM or aggregation tools. Maintain a record of ongoing monitoring, threat and response activity.

Key Responsibilities:

  • Manage the full life-cycle for the cyber tool portfolio including SIEM, Network Behavior Analysis, System Forensics, vulnerability management and other security platforms to include the daily administration, planning of upgrades, new deployments, and maintaining operational data flows

  • Provide security architecture & systems engineering consulting to Incident Response Analysts and other IS staff

  • Maintain security by monitoring and ensuring coverage, effectiveness, compliance to standards, policies, and procedures; assisting in conducting incident response analyses; developing and conducting training programs.

  • Coordinating and conducting event collection, log management, event management, compliance automation, and identity monitoring activities. Tuning cyber security tools for performance and event data quality to maximize system efficiency.

  • Research and maintain a deep understanding of current and emerging technologies and Cyber Security solutions

  • Upgrade security systems by monitoring security environment; identifying security gaps; evaluating and implementing enhancements.

  • Prepare system security reports by collecting, analyzing, and summarizing trends

  • Assist with the acquisition, vetting, and validation of cyber threat intelligence from various internal/external sources, and integrating them within security platforms

  • Supporting the establishment, enhancement, and continual improvement of an integrated set of correlation rules, alerts, searches, reports, and responses.

  • Conduct ongoing and regular Cyber Security capability assessments and reviews including people, process and technologies; ensuring that all security capabilities and tools are operating effectively

  • Ensure security capabilities are reviewed and compliant within defined risk levels while considering hardware/software currency, performance/availability, security and information

  • Identify and document any risks, issues or critical success factors that may require immediate action

  • Define, implement, and communicate metrics driven scorecards to measure the effectiveness of Cyber Security Operations

  • Ensure that all Cyber Security related capabilities and solutions are operating effectively

  • Participate in the Computer Security Incident Response process

  • Responsible for identifying continuous security capability improvements that will help protect our computing environments

  • Capture / analyze network traffic for indications of compromise

  • Identify and collect actionable intelligence regarding ongoing information security threats

  • Review log-based data, both in raw form and utilizing SIEM or aggregation tools

  • Employ best practices and forensically sound principles such as evidence handling and chain of custody

  • Establish timelines and patterns of activity based on multiple data sources

  • Manage effective liaison relationships with other IS groups, vendors, and others

  • Serve as a mentor and team leader

Experience Requirements:

  • Bachelor’s degree in related business or technical areas, or an equivalency of education and work experience.

  • Candidates must be a US Citizen and have the ability to obtain a U.S. government security clearance

  • Minimum of 9+ years of Cyber Security and/or security engineering experience

  • 3+ years security engineering / administration experience

  • 2+ years SIEM experience desired

  • 1+ year of vulnerability management tool experience desired

  • Technical skills proficiency in the following areas: security information event management, network communication using TCP/IP protocols, basic system administration, basic understanding of malware (malware communication, installation, malware types), intermediate knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch, open source information collection)

  • Self-starter with the ability to proactively engage and develop relationships with subject matter experts and analyst counterparts

  • Recent experience (last 3 years) performing NETFLOW or PCAP analysis using common analysis tools (Wireshark, etc)

  • Ability to apply formal intelligence analysis methods, develop hypotheses, prove/disprove relationships, always ask why, defend your analysis, and apply attribution to cyber threat activity.

  • Proven project management experience, including developing project plans, schedules and budgets for moderate scale projects

  • Experience with compliance requirements from DOD, NASA, NIST, SANS, OWASP desired.

  • Travel requirement of up to 15%

Skills & Knowledge Qualifications:

  • Experience applying Kill Chain analysis, Cyber Intelligence

  • Certifications (any): CISSP, CEH, Security+, SANS certification(s), Network+, CCNA

  • Skilled level of knowledge of common attack vectors and penetration techniques

  • Solid working knowledge of networking technology and tools, firewalls, proxies, IDS/IPS, encryption, and protocols

  • Advanced Data Visualization proficiency leveraging COTS tools

  • Skilled level of knowledge about malware analysis (reverse engineering)

  • Skilled level of knowledge to research, compile, and report actionable intelligence threats

  • Excellent oral and written communication and presentation skills

  • Perform project leadership tasks on select security projects

  • Excellent teamwork skills and the ability to successfully interface with other IT Groups

  • Demonstrated advanced skills in conducting forensic analysis of digital evidence, network traffic, managing event analysis/correlation and related incident investigations

  • Process control design and testing methods

  • Metrics development and reporting

  • System configuration and architecture

  • Proven ability to manage information security service and operation through effective management of resources

  • Demonstrated strong working knowledge of various information technologies and industry best practices

  • Demonstrated ability to take initiative and accountability for achieving results

  • Strong interpersonal, oral, and written communication skills

United in pride and shared goals, Orbital ATK employees come from diverse backgrounds and work together to deliver reliable, innovative and affordable solutions. Work with the best and unleash your potential. If you are a dynamic, successful, driven professional, Orbital ATK is the company that will further your experience and career growth. We offer a highly competitive salary and comprehensive benefits including medical, dental, 401k, tuition reimbursement, and much more.

Orbital ATK is applying entrepreneurial thinking and commercial practices to deliver reliable, innovative and affordable products and services to our customers and grow our core areas while harnessing new technologies that will take our products - and your ideas - into the future. When encouraged to think beyond the ordinary, you'll be amazed at what you can do!

We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.

EOE AA M/F/Vet/Disability

Job Type: Full Time

Desired Travel: less than 25%

Years of Experience: 8-10 Years


Expertise: Information Technology