Full-Time

SIEM Engineer

TS/SCI Required

Confirmed live in the last 24 hours

Northrop Grumman

Northrop Grumman

10,001+ employees

Aerospace and defense technology solutions provider

Robotics & Automation
Cybersecurity
Aerospace
Defense

Compensation Overview

$101.9k - $152.9kAnnually

+ Bonus

Mid

No H1B Sponsorship

Tampa, FL, USA

Relocation assistance may be available.

US Citizenship, US Top Secret Clearance Required

Category
Cybersecurity
IT & Security
Required Skills
Splunk
Requirements
  • US Citizenship is required with an active DoD Top Secret/SCI security clearance which was active in the last 24 months.
  • Must possess or be able to obtain DoD 8570 Certification for IAT Level II or higher.
  • Minimum 3 years of proven experience with Splunk (or equivalent SIEM) front-end and back-end functionalities.
Responsibilities
  • Individual must have experience with Splunk tool. Splunk is the preferred, but experience with an equivalent SIEM would be considered.
  • Develop and Implement Splunk Queries: Create and optimize complex Splunk queries to extract, analyze, and visualize security data from diverse sources. Utilize Splunk Search Processing Language (SPL) to generate actionable insights for proactive threat detection and response.
  • Design Splunk Dashboards and Reports: Design user-friendly Splunk dashboards and reports tailored to different stakeholders, such as security operations teams, management, and auditors. Provide real-time visibility into security events, trends, and key performance indicators.
  • Configure and Maintain Splunk Infrastructure: Configure and fine-tune Splunk deployments, including data inputs, data parsing, field extractions, and data enrichment pipelines. Ensure the continuous availability and optimal performance of Splunk indexes, search heads, and forwarders.
  • Utilize Splunk Enterprise Security: Leverage Splunk Enterprise Security to develop and implement security use cases, correlation searches, and notable events for threat detection and analysis. Monitor security-related alerts and incidents to identify and prioritize security threats.
  • Investigate Security Incidents: Conduct in-depth investigations into security incidents, anomalies, and breaches using Splunk's forensic capabilities. Perform root cause analysis, incident triage, and post-incident reviews to identify gaps in security controls and recommend remediation actions.
  • Collaborate with Cross-Functional Teams: Collaborate with cross-functional teams, including IT, network, and application teams, to integrate Splunk with various platforms and systems. Provide technical expertise in advising on security best practices and designing effective security controls.
  • Documentation and Reporting: Document Splunk configuration, operational procedures, and security findings. Prepare comprehensive reports detailing security events, trends, and mitigation strategies. Communicate technical information effectively to non-technical stakeholders.
  • Collaborate with network engineering teams to strategically deploy network Test Access Points (TAPS) and aggregators to ensure data accuracy, completeness, and compliance.
  • Implement, configure, and manage network TAPs to passively monitor network traffic.
  • Utilize network aggregators to collect, aggregate, and filter data from multiple network sources for effective monitoring and analysis.
  • Help design and engineer Out-of-Band (OOB) SOC infrastructure.

Northrop Grumman provides advanced aerospace and defense technology solutions primarily for government clients, including the U.S. Department of Defense and international allies. The company specializes in areas such as autonomous systems, cybersecurity, and C4ISR, which encompasses command, control, communications, computers, intelligence, surveillance, and reconnaissance. Their products and services are developed through extensive research and development, manufacturing, and integration of advanced technologies. Northrop Grumman stands out from competitors by focusing on long-term contracts that ensure a steady revenue stream, which are often secured through a competitive bidding process. The company's goal is to maintain a strong market position by continuously innovating and delivering comprehensive solutions that meet the evolving needs of the aerospace and defense sectors.

Company Stage

IPO

Total Funding

$192.2M

Headquarters

Falls Church, Virginia

Founded

N/A

Simplify Jobs

Simplify's Take

What believers are saying

  • Northrop Grumman's continuous innovation, exemplified by the Jackal missile and M230LF chain gun, positions it as a leader in cutting-edge defense technology.
  • The company's long-term contracts with government clients ensure a steady revenue stream and financial stability.
  • Significant investments in R&D and partnerships, such as the ammunition production line in Lithuania, offer growth opportunities and market expansion.

What critics are saying

  • The competitive bidding process for government contracts can lead to revenue volatility if Northrop Grumman fails to secure key deals.
  • Dependence on government contracts makes the company vulnerable to changes in defense budgets and political priorities.

What makes Northrop Grumman unique

  • Northrop Grumman's focus on advanced autonomous systems and AI capabilities, such as the FAAD ABM, sets it apart in the defense sector by enhancing real-time decision-making for warfighters.
  • The company's diversified revenue streams across Aerospace Systems, Mission Systems, and Technology Services provide stability and resilience against market fluctuations.
  • Northrop Grumman's strategic partnerships, like the one with Lithuania for ammunition production, expand its global footprint and strengthen international alliances.

Help us improve and share your feedback! Did you find this helpful?