Cyber Threat and Vulnerability Analyst

At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work — and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history.

The UK Cyber Threat and Vulnerability Analyst (TVA) identifies and manages weaknesses and cyber threats in networks and software based on solid research of the emerging threat landscape as it pertains to our IT footprint in the UK and then takes measures to strengthen security within our IT systems.

The primary purpose of this role is to use expert knowledge of offensive cyber to research and analyse existing and potential future cyber threats, reporting their findings and cyber intelligence to business leaders to support counter activities in the prevention and risk mitigation of attacks from cybercriminals.

This role will also work with the NG Corporate Vulnerability Team and the Regional IT patching teams to maintain all vulnerability or threat management solutions, ensuring that all assets and systems are scanned for vulnerabilities regularly. This role will ensure that any findings are brought to the attention of the business and will work within the cybersecurity function to prioritize and remediate threats liaising with other parts of the organisation to assure remediation is carried out in accordance with policy.

NGUK Ltd has a varied portfolio of contract types and customers and the NGUKL Threat and Vulnerability Analyst will work to the UK Cyber Security Manager who has overall responsibility for the prevention and response to cyber security threats. 

Threat Analysis

• Monitor and analyse external and internal cyber threats to assess risk.
• Analyse the likelihood of emerging threats and what the potential impact could be to the organization.
• Consolidate cyber threat intelligence feeds and sources.
• Analyse internal and external risks and security controls to assure existing security posture.
• Deliver intelligence and performance reports and make recommendations to the business to enable the effective mitigation and remediation efforts.

• Provide requirements to influence threat mitigation strategies.
• Provide threat intelligence support to cybersecurity teams during security events.

Vulnerability Management

• Collaborate with the corporate vulnerability scanning team to conduct vulnerability scans for the UK on prem and Cloud environments.
• Co-ordinate responses to dealing with critical vulnerabilities.
• Review and analysing vulnerability data to identify trends and patterns and risks to the business.
• Advising employees responsible for remediation on best practice remediation.
• Influence the development of vulnerability management standards and security policies.
• Operate vulnerability management processes, suggesting applicable change controls, and security exceptions.
• Continually improve vulnerability reporting and monitoring solutions.
• Maintain and update process guides and assist with reporting to leadership and service stakeholders.
• Perform risk-based technical assessments on technical vulnerabilities.

Event/Incident Response

• Assist and support the manager in event/incident handling and investigations.
• Support the Critical Incident Management process for cyber related events.
• Ensure the NGUKL Security Incident Management process is followed for the timely identification, evaluation and recording of compliance matters and information security risks, escalating as required.

Essential criteria:

To fulfil the requirements of this job, the post-holder must have:

• Significant experience of threat and vulnerability management in the UK Defence or commercial sector.
• Track record of working within an IT security infrastructure (network and servers) and services, including Cloud computing
• A formal qualification in cyber security (CISSP, CCSP or other).
• Experience working with different security tooling / vendors (AWS, Microsoft, Azure, Cisco etc).
• Applicants must be able to hold and maintain UK Government clearances
• Current UK driving licence.

Desirable criteria:

• Understanding of ISO27001 Security Frameworks.
• GIAC Enterprise Vulnerability Assessor Certification | Cybersecurity Certification
• GIAC Cyber Threat Intelligence Certification | Cybersecurity Certification
• GIAC Security Operations Certification | Cybersecurity Certification

Additional information:

• Travel requirements: Occasional UK travel may be required to attend team/customer meetings and training activities
• Northrop Grumman offer Hybrid working, please speak to us at application stage to see what is possible
• Clearance requirements: Post-holder must hold and maintain UK Government Security Clearance

Northrop Grumman is committed to equality and diversity in our workplace. Northrop Grumman provides equal employment opportunity to all employees and applicants without regard to an individual's protected status, including race/ethnic origin, color, nationality, national origin, ancestry, sex/gender, gender identity/expression, gender reassignment, sexual orientation, marriage/civil partnership, pregnancy/maternity, religion or belief, creed, age, disability, genetic information, or any other protected status or characteristic.