Principal SIEM Application Analyst

    Northrop Grumman
    Martinsburg, WV
    Full-time, Part-time
    Similar jobs pay $9.83 - $13.71

    Job Description

    Are you interested in expanding your career through experience and exposure, all the while supporting a mission that seeks to ensure the security of our nation and its allies? If so, then Northrop Grumman may be the place for you. As a leading global security company providing innovative systems, products and solutions to customers worldwide, Northrop Grumman offers an extraordinary portfolio of capabilities and technologies. Here at Northrop Grumman we are comprised of professionals that bring different perspectives, are curious about the world, accepting of each other, and understand that the more ideas, backgrounds, and experiences we bring to our work then the more innovative we can be. As we continue to build our talented workforce we look for professionals that exemplify our core values, leadership characteristics, and approach to innovation.

    Provide cyber security technical control services support as a Principal SIEM (Security Information and Event Management) Application Analyst during core duty hours and be available on-call. Support includes but is not limited to:
    • Security Tools & Technologies
    • Web Content, Application Based Firewalls, IDS/IPS Technologies - Palo Alto
    • Sourcefire
    • ASA Firewall Technologies - Cisco
    • Big Data and Enterprise Log Aggregation System Technologies - Splunk
    • SIEM Technologies - Splunk
    Perform advanced planning, coordination and implementation of complex security models, configuration policy and process recommendations, to include the following:

    1. Provide certification and accreditation support in the form of documentation of configurations and controls for all specialized network defense systems and software
    2. Identify potential conflicts, via workgroups and meetings, with implementation and integration of specialized network defense systems within the network to protect the overall availability
    3. Maintain a network defense test environment used to evaluate new applications, signatures, rules, filters and configurations of managed network defenses systems
    4. Conduct security policy configuration life-cycle management as required on security devices
    5. Identify, develop and provide recommendations for the improvement of security incident, event detection, security capabilities
    6. Conduct formal and informal technical/engineering studies, analyses, acquisition and systems engineering support that are critical to enable achievement of program goals and objectives; the results shall be documented in Technical and Engineering Reports
    7. Policy optimization of security devices:


    a) Understand, identify and recommend optimizations to security configurations, and supporting security analytics through tailored detection, analysis, and response services to include the development of documentation, custom configurations, signatures, and dashboards

    b) Analyze security measures that enhance data or operational capabilities

    c) Perform ongoing analysis of security tools and evaluate available technology capabilities.


    Qualifications:

    Basic Qualifications:
    • Bachelor's degree in Information Technology or other engineering or technical discipline with 5 years of experience or Master's degree in Information Technology or other engineering or technical discipline with 3 years of experience. An additional 4 years of relevant technical experience can be substituted in lieu of a Bachelor's degree
    • Experience with advanced cyber security tools and technologies
    • Extensive experience with preparing professional reports and briefings
    • 5 years' additional experience may be considered in place of the following certifications:
      • Security+
      • Network+
      • VA CSP
      • CISSP
      • CEH
    • US Citizenship in order to obtain a US Public Trust clearance
    Preferred Qualifications:

    Candidates with these desired skills will be given preferential consideration:
    • Knowledge of VA culture, mission, and IT environment
    • Splunk Administrator Certification
    Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.

    Posting ID: 552780496
    Posted: 2020-05-21