US CITIZENSHIP REQUIRED FOR THIS POSITION: YesRELOCATION ASSISTANCE: Relocation assistance may be availableCLEARANCE TYPE: Top SecretTRAVEL: Yes, 10% of the Time
Description
At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work — and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history.
Northrop Grumman Mission Systems is actively seeking an experienced Security Information and Event Management (SIEM) Engineer to fill a role that requires a broad array of knowledge and skills working with team members to support a Cyber Security program based in Tampa, FL.
Our team is always looking for highly motivated individuals with impeccable work ethic and a strong ability to work in a collaborative dynamic team environment.This provides an environment to grow your expertise and sharpen your skills & knowledge.The primary team is located in Tampa, Florida with distributed team members embedded directly with the customer.
Job Responsibilities:
In this position you will:
- Individual must have experience with Splunk tool. Splunk is the preferred, but experience with an equivalent SIEM would be considered.
- Develop and Implement Splunk Queries: Create and optimize complex Splunk queries to extract, analyze, and visualize security data from diverse sources. Utilize Splunk Search Processing Language (SPL) to generate actionable insights for proactive threat detection and response.
- Design Splunk Dashboards and Reports: Design user-friendly Splunk dashboards and reports tailored to different stakeholders, such as security operations teams, management, and auditors. Provide real-time visibility into security events, trends, and key performance indicators.
- Configure and Maintain Splunk Infrastructure: Configure and fine-tune Splunk deployments, including data inputs, data parsing, field extractions, and data enrichment pipelines. Ensure the continuous availability and optimal performance of Splunk indexes, search heads, and forwarders.
- Utilize Splunk Enterprise Security: Leverage Splunk Enterprise Security to develop and implement security use cases, correlation searches, and notable events for threat detection and analysis. Monitor security-related alerts and incidents to identify and prioritize security threats.
- Investigate Security Incidents: Conduct in-depth investigations into security incidents, anomalies, and breaches using Splunk's forensic capabilities. Perform root cause analysis, incident triage, and post-incident reviews to identify gaps in security controls and recommend remediation actions.
- Collaborate with Cross-Functional Teams: Collaborate with cross-functional teams, including IT, network, and application teams, to integrate Splunk with various platforms and systems. Provide technical expertise in advising on security best practices and designing effective security controls.
- Documentation and Reporting: Document Splunk configuration, operational procedures, and security findings. Prepare comprehensive reports detailing security events, trends, and mitigation strategies. Communicate technical information effectively to non-technical stakeholders.
- Collaborate with network engineering teams to strategically deploy network Test Access Points (TAPS) and aggregators to ensure data accuracy, completeness, and compliance.
- Implement, configure, and manage network TAPs to passively monitor network traffic.
- Utilize network aggregators to collect, aggregate, and filter data from multiple network sources for effective monitoring and analysis.
- Help design and engineer Out-of-Band (OOB) SOC infrastructure.
Minimum Education / Experience for SIEM Engineer: 5 Years with Bachelor of Science; 3 Years with Masters; 0 with PhD / NOTE: Four (4) years of additional experience can be substituted in lieu of degree.
Basic Qualifications:
- US Citizenship is required with an active DoD Top Secret/SCI security clearance which was active in the last 24 months.
- Must possess or be able to obtain DoD 8570 Certification for IAT Level II or higher.
- Minimum 3 years of proven experience with Splunk (or equivalent SIEM) front-end and back-end functionalities.
Preferred Qualifications:
- Familiarity with scripting languages such as Python, PowerShell, or Bash.
- Relevant certifications (e.g., Splunk Core Certified Power User, Splunk Enterprise Certified Admin, Splunk Certified Architect).
- Working knowledge of network security controls such as routers, switches, firewalls, network access controls, and related solutions.
- Working knowledge of Linux and Windows operating systems and applications.
- Excellent analytical and proactive problem-solving skills.
What to expect:
- During the first 30 days of employment onboarding activities to include Northrop Grumman training requirements, program overviews, system architecture familiarization, and department-specific training will establish a solid foundation for the new team member. Introductions to management and team leads will provide insight into the team dynamics while identifying key areas where you will provide value to the mission.
- Day 30 through 90 will consist of further integration to the team and actively sitting with tenured members to gain a better understanding of daily tasks and requirements. Tasks will be assigned in accordance with the appropriate pace needed to guarantee your success.
- Day 90 and onward will consist of mission focused opportunities with the possibility to collaborate across several teams. From leading day-to-day activities in the operations department, to testing cutting-edge feature enhancements to the enterprise architecture, you will have the ability to invest in your future while delivering maximum value to our customer’s mission.
Total rewards:
In addition to the competitive pay and 40 hours of PTO on day 1, as a full-time employee of Northrop Grumman, you are eligible for our competitive benefits package including:
- Medical, Dental & Vision coverage
- 401k Matching
- Educational Assistance / Certification Reimbursement
- Life Insurance
- Employee Assistance Programs & Work/Life Solutions
- Paid Time Off
- Health & Wellness Resources
- Employee Discounts
- Diversity, Equity & Inclusion resources
- (13) Employee Resource Groups
#SEWCYBERFLA
#NGFeaturedjobs
Salary Range: $101,900.00 - $152,900.00The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.Employees may be eligible for a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit http://www.northropgrumman.com/EEO. U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.