SIEM Engineer (TS/SCI Required) - DoD SkillBridge - Tampa FL

Posted:
7/31/2024, 5:00:00 PM

Location(s):
Florida, United States ⋅ Tampa, Florida, United States

Experience Level(s):
Mid Level

Field(s):
Mechanical Engineering

Workplace Type:
On-site

US CITIZENSHIP REQUIRED FOR THIS POSITION: Yes

RELOCATION ASSISTANCE: Relocation assistance may be available

CLEARANCE TYPE: Top Secret

TRAVEL: Yes, 10% of the Time

Description

At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work — and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history.

As one of the largest global security companies in the world, Northrop Grumman is proud to help our nation’s military personnel make the transition to civilian careers. Approximately 1/4th of Northrop Grumman’s 90,000 employees self-identify as veterans, and more than 1,600 are reservists.

The Northrop Grumman Military Internship Program (NG-MIP) is an approved SkillBridge Program under Dept. of Defense Instruction 1322.29 .The NG-MIP program is an opportunity for transitioning service members to gain valuable civilian work experience through an individual internship during their last 6 months of service, for up to 180 days. The Northrop Grumman Military internship Program is open to all ranks and experience levels. SkillBridge participants are not eligible for compensation from Northrop Grumman, as they continue to receive military compensation and benefits as active-duty service members.

Responsibilities for this internship position are:

Northrop Grumman Corporation (NGC) has developed the Northrop Grumman – Military Internship Program (DoD SkillBridge) utilizing the DoDI guidance for SkillBridge. During this program the service member will be on-site at his or her host company performing an individual internship in an entry to mid-level career type role. The service member will be on the job training supporting a work schedule equivalent to 40hrs per week. Outlined below are the Goals, Objectives, and Outcomes for the program.

Goals – Provide transitioning service members fellowship-style job skills training during the last portion(s) of their military commitment. This program is specifically designed to offer internships that result in the potential to transition to a full-time opportunity as the conclusion of the training. Interns will serve as a pipeline for high-speed, motivated military candidates into NGC.

Objectives - Service Members who complete the Intern program will be highly-trained, capable, future employees that align to the specific needs of the organization and are prepared to meet the NG mission “Defining Possible” on Day 1. This program provides a comprehensive internship experience including professional development, networking with leadership, and training specifically focused on NG leadership principles, company history, customer/stakeholder engagement, product and service overview, and core job responsibilities.

Outcome – Offer transitioning service member a rewarding opportunity to join the Northrop Grumman team.

DoD SkillBridge Eligibility:

* Has served at least 180 days on active duty

* Is within 12 months of separation or retirement

* Will receive an honorable discharge

* Has taken any service TAPS/TGPS

* Has attended or participated in an ethics brief within the last 12 months

* Received Unit Commander (first O-4/Field Grade commander in chain of command) written authorization and approval to participate in DoD SkillBridge Program prior to start of internship.

Northrop Grumman Mission Systems is actively seeking an experienced Security Information and Event Management (SIEM) Engineer to fill a role that requires a broad array of knowledge and skills working with team members to support a Cyber Security program based in Tampa, FL.

 

Our team is always looking for highly motivated individuals with impeccable work ethic and a strong ability to work in a collaborative dynamic team environment.  This provides an environment to grow your expertise and sharpen your skills & knowledge.  The primary team is located in Tampa, Florida with distributed team members embedded directly with the customer.

Job Responsibilities:

In this position you will:

  • Individual must have experience with Splunk tool. Splunk is the preferred, but experience with an equivalent SIEM would be considered.
  • Develop and Implement Splunk Queries: Create and optimize complex Splunk queries to extract, analyze, and visualize security data from diverse sources. Utilize Splunk Search Processing Language (SPL) to generate actionable insights for proactive threat detection and response.
  • Design Splunk Dashboards and Reports: Design user-friendly Splunk dashboards and reports tailored to different stakeholders, such as security operations teams, management, and auditors. Provide real-time visibility into security events, trends, and key performance indicators.
  • Configure and Maintain Splunk Infrastructure: Configure and fine-tune Splunk deployments, including data inputs, data parsing, field extractions, and data enrichment pipelines. Ensure the continuous availability and optimal performance of Splunk indexes, search heads, and forwarders.
  • Utilize Splunk Enterprise Security: Leverage Splunk Enterprise Security to develop and implement security use cases, correlation searches, and notable events for threat detection and analysis. Monitor security-related alerts and incidents to identify and prioritize security threats.
  • Investigate Security Incidents: Conduct in-depth investigations into security incidents, anomalies, and breaches using Splunk's forensic capabilities. Perform root cause analysis, incident triage, and post-incident reviews to identify gaps in security controls and recommend remediation actions.
  • Collaborate with Cross-Functional Teams: Collaborate with cross-functional teams, including IT, network, and application teams, to integrate Splunk with various platforms and systems. Provide technical expertise in advising on security best practices and designing effective security controls.
  • Documentation and Reporting: Document Splunk configuration, operational procedures, and security findings. Prepare comprehensive reports detailing security events, trends, and mitigation strategies. Communicate technical information effectively to non-technical stakeholders.
  • Collaborate with network engineering teams to strategically deploy network Test Access Points (TAPS) and aggregators to ensure data accuracy, completeness, and compliance.
  • Implement, configure, and manage network TAPs to passively monitor network traffic.
  • Utilize network aggregators to collect, aggregate, and filter data from multiple network sources for effective monitoring and analysis.
  • Help design and engineer Out-of-Band (OOB) SOC infrastructure.

Minimum Education / Experience for SIEM Engineer: 5 Years with Bachelor of Science; 3 Years with Masters; 0 with PhD / NOTE: Four (4) years of additional experience can be substituted in lieu of degree.
 

Basic Qualifications:

  • US Citizenship is required with an active DoD Top Secret/SCI security clearance which was active in the last 24 months.
  • Must possess or be able to obtain DoD 8570 Certification for IAT Level II or higher.
  • Minimum 3 years of proven experience with Splunk (or equivalent SIEM) front-end and back-end functionalities.

Preferred Qualifications:

  • Familiarity with scripting languages such as Python, PowerShell, or Bash.
  • Relevant certifications (e.g., Splunk Core Certified Power User, Splunk Enterprise Certified Admin, Splunk Certified Architect).
  • Working knowledge of network security controls such as routers, switches, firewalls, network access controls, and related solutions.
  • Working knowledge of Linux and Windows operating systems and applications.
  • Excellent analytical and proactive problem-solving skills.

#SEWCYBERFLA

#NGFeaturedjobs

Salary Range: $101,900.00 - $152,900.00

The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.

Employees may be eligible for a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.

The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.

Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit http://www.northropgrumman.com/EEO. U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.