SIEM Engineer (TS/SCI Required)

Requisition ID: R10165408
• Category: Information Technology
• Location: Tampa, Florida, United States of America
• Clearance Type: Top Secret
• Telecommute: No - Teleworking not available for this position
• Shift: Days (United States of America)
• Travel Required: Yes, 10% of the Time
• Relocation Assistance: Relocation assistance may be available
• Positions Available: 1

At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history. We look for people who have bold new ideas, courage, and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity, and bringing your whole self to work.

Job Responsibilities:

1. Individual must have experience with Splunk tool. Splunk is preferred, but experience with an equivalent SIEM would be considered.
2. Develop and Implement Splunk Queries: Create and optimize complex Splunk queries to extract, analyze, and visualize security data from diverse sources. Utilize Splunk Search Processing Language (SPL) to generate actionable insights for proactive threat detection and response.
3. Design Splunk Dashboards and Reports: Design user-friendly Splunk dashboards and reports tailored to different stakeholders, such as security operations teams, management, and auditors.
4. Configure and Maintain Splunk Infrastructure: Configure and fine-tune Splunk deployments, ensuring optimal performance of Splunk indexes, search heads, and forwarders.
5. Utilize Splunk Enterprise Security: Develop and implement security use cases, correlation searches, and notable events for threat detection and analysis.
6. Investigate Security Incidents: Conduct in-depth investigations into security incidents, anomalies, and breaches using Splunk's forensic capabilities.
7. Collaborate with Cross-Functional Teams: Collaborate with IT, network, and application teams to integrate Splunk with various platforms and systems.
8. Documentation and Reporting: Document Splunk configuration, operational procedures, and security findings. Prepare comprehensive reports detailing security events, trends, and mitigation strategies.

Minimum Education / Experience for SIEM Engineer: 5 Years with Bachelor of Science; 3 Years with Masters; 0 with PhD. NOTE: Four (4) years of additional experience can be substituted in lieu of degree.

Basic Qualifications:

1. US Citizenship is required with an active DoD Top Secret/SCI security clearance which was active in the last 24 months.
2. Must possess or be able to obtain DoD 8570 Certification for IAT Level II or higher.
3. Minimum 3 years of proven experience with Splunk (or equivalent SIEM) front-end and back-end functionalities.

Preferred Qualifications:

1. Familiarity with scripting languages such as Python, PowerShell, or Bash.
2. Relevant certifications (e.g., Splunk Core Certified Power User, Splunk Enterprise Certified Admin).
3. Working knowledge of network security controls such as routers, switches, firewalls, and related solutions.
4. Working knowledge of Linux and Windows operating systems.
5. Excellent analytical and proactive problem-solving skills.

What to expect:

1. During the first 30 days of employment: onboarding activities will establish a solid foundation for the new team member.
2. Day 30 through 90: further integration to the team and actively sitting with tenured members.
3. Day 90 and onward: mission-focused opportunities with the possibility to collaborate across several teams.

Total rewards:

In addition to the competitive pay and 40 hours of PTO on day 1, as a full-time employee of Northrop Grumman, you are eligible for our competitive benefits package.

Salary Range: $101,900 - $152,900. The above salary range represents a general guideline.

The application period for the job is estimated to be 20 days from the job posting date. Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer.