Search All Jobs

Manager, CSOC Intelligence & Response

Requisition ID: R10056206

  • Category IconCategory: Information Technology
  • Location IconLocation: Annapolis Junction, Maryland, United States of America
  • Citizenship IconCitizenship Required: United States Citizenship
  • Clearance IconClearance Type: SCI
  • Telecommute IconTelecommute: Yes-May consider hybrid teleworking for this position
  • Shift IconShift: Days (United States of America)
  • Travel IconTravel Required: Yes, 10% of the Time
  • Positions IconPositions Available: 1

At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work — and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history.

The manager for the Northrop Grumman (NG) Cyber Security Operations Center (CSOC) Intelligence and Response (I&R) mission is responsible for leading a team focused on protecting NG’s networks, information, and personnel worldwide from cyber attacks by providing timely Incident Response, Threat Hunting, Cyber Intelligence, Reporting, and Liaison services. This high-profile position requires the ability to work quickly and effectively with NG Cybersecurity and program sector leadership and program personnel to identify requirements and priorities, determine and assign tasks to three teams of expert analysts and investigators, and then lead and mentor those teams in accomplishing the assigned tasks. The subordinate teams include the Advanced Threat Analysis Center (ATAC), the Cyber Threat Intelligence (CTI) team, and the international CSOC (iCSOC) team.

The ATAC mission areas include but are not limited to Cyber Threat Hunting, Incident Response, network- and host-based forensic analysis, malware analysis and reverse engineering, and cyber readiness/resilience exercises. The ATAC is responsible for investigating all compromises of NG systems and coordinating with and reporting to internal and external stakeholders. The CTI team fuses a variety of information sources, including internally generated intelligence regarding cyber threat activities, open-source intelligence (OSINT), and classified reporting from government agencies to generate cyber threat intelligence reports, assessments, threat profiles, and ad-hoc cyber threat awareness briefings to meet the requirements of NG leadership and sector program priorities. The iCSOC team provides in-region (APAC and EMEA) CSOC services that mirror those of the domestic NG CSOC. All three teams liaise with numerous internal-NG and external law enforcement, intelligence, and Defense Industrial Base partner organizations to share threat information and coordinate/collaborate on responses/best practices; and make recommendations to enhance the security posture across NG and subsidiaries’ networks. The I&R Manager is responsible for ensuring the success of all these mission areas.

The I&R Manager is responsible for directing the daily operations of the organization; directly supervising subordinate team managers and key contributors; assigning tasks and scheduling; managing workflow; providing and tracking of all mandatory training requirements for the team, mentoring and professional development (individual and group); initiating and tracking security clearance requirements; developing and monitoring metrics-based Quality Control procedures, and regularly updating Standard Operating Procedures (SOP). The manager routinely coordinates with senior management, Human Resources, Recruiting, and other NG offices as needed to effectively manage the I&R organization; tracks employee time charging and expense reports to ensure they are accomplished in a timely manner; helps develop I&R strategies and roadmaps; provides budgeting, purchasing, cost control, and resource management assistance; and performs employee performance assessments/compensation/promotion recommendations.

The I&R Manager administrative responsibilities include:

  • Manage virtual team with members in separate locations and provide day-to-day oversight of the team’s production, ensuring all efforts meet quality and timeliness requirements
  • Ensure constant and effective communications between all members of the team, and with NG Leadership; maximize team member engagement and promote diversity and inclusion efforts
  • Helping develop I&R operational, tactical, and strategic planning and long-term direction
  • Lead team in yearly, non-recurring project submission including planning, scoping, cost estimating, documentation, and presentations to an executive review board as needed
  • Present written and verbal presentations to peers and executives

Basic Qualifications:

To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below:

  • Bachelor's Degree (or 10 years of IT or cyber experience)
  • Minimum 5 years’ experience leading or managing a Security Operations Center (SOC) team
  • 15+ years’ experience working in a cyber operational group
  • Broad knowledge of Information Technology and Information Security practices
  • Direct knowledge of various DoD/Gov/DIB cyber information sharing organizations (e.g., NDISAC, DIB CS, CISCP, ESF, NDCA, etc.), their requirements and processes
  • Direct knowledge of Government and DoD cyber incident reporting requirements and processes (e.g., DFARS, CISA, NIST 800-171, CMMC)
  • Demonstrated success in leading teams or projects
  • Ability to work well within a virtual team
  • Strong self-management and delegation skills
  • Good writing and communication skills
  • Strong problem solving and troubleshooting skills
  • Strong customer relationship skills required
  • Ability to obtain a Top Secret/SCI Clearance
  • Ability to travel 10% of the time

Preferred Qualifications:

Candidates with these desired skills will be given preferential consideration:

  • Master’s degree, MBA, or management certifications
  • 20 years of IT/cyber experience
  • 5+ years’ experience with participating in or leading a virtual team
  • Broad working knowledge of the NG Cybersecurity infrastructure including the supporting organizations, and current management processes
  • Knowledge of NG Cybersecurity playbooks, key stakeholders, and roles/processes
  • Experience with providing technical awareness and decision briefs to senior leadership
  • Experience with ensuring Quality Control of deliverables (e.g., written reports, exercises, special projects)
  • Experience providing cybersecurity-related Business Development support (e.g., NAR/ICE, RFI/RFP Response, Pink/Red Team reviews)
  • Broad knowledge of key Northrop Grumman sector programs
  • Cyber security certifications (CISSP, SANS (various), CEH, CISA, etc.)


Salary Range: $155,400 USD - $233,200 USD

Employees may be eligible for a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.

The health and safety of our employees and their families is a top priority. The company encourages employees to remain up-to-date on their COVID-19 vaccinations. U.S. Northrop Grumman employees may be required, in the future, to be vaccinated or have an approved disability/medical or religious accommodation, pursuant to future court decisions and/or government action on the currently stayed federal contractor vaccine mandate under Executive Order 14042

Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit U.S. Citizenship is required for most positions.

Apply Now

Search All Jobs

What's great about
Northrop Grumman

  1. Be part of a culture that thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work.
  2. Use your skills to build and deliver innovative tech solutions that protect the world and shape a better future.
  3. Enjoy benefits like work-life balance, education assistance and paid time off.

Did you know?

Northrop Grumman leads the industry team for NASA’s James Webb Space Telescope, the largest, most complex and powerful space telescope ever built. Launched in December 2021, the telescope incorporates innovative design, advanced technology, and groundbreaking engineering, and will fundamentally alter our understanding of the universe.