RELOCATION ASSISTANCE: No relocation assistance available
CLEARANCE REQUIRED FOR START: Yes
CLEARANCE TYPE: Top Secret
TRAVEL: No
DescriptionWe are seeking experienced Cybersecurity Analysts to work on-site at our Tampa, FL location.
Note: Due to the classified nature of the work being performed, this position does not offer any virtual or telecommute working options. Applicants are encouraged to apply, only if they are willing to work on-site.
This position follows a Panama schedule that includes working 12-hour shifts. This schedule allows for employees to have a three-day weekend every other week and rotates from days to nights approximately every 12 weeks. Employees are compensated with a pay differential during their night shift rotations.
What You’ll get to Do
Essential Duties:
- Utilize your experience with a Security Information and Event Management (SIEM) tool. Splunk is preferred, but experience with an equivalent SIEM would be acceptable.
- Develop and Implement Splunk Queries: Create and optimize complex Splunk queries to extract, analyze, and visualize security data from diverse sources. Utilize Splunk Search Processing Language (SPL) to generate actionable insights for proactive threat detection and response.
- Design Splunk Dashboards and Reports: Design user-friendly Splunk dashboards and reports tailored to different stakeholders, such as security operations teams, management, and auditors. Provide real-time visibility into security events, trends, and key performance indicators.
- Configure and Maintain Splunk Infrastructure: Configure and fine-tune Splunk deployments, including data inputs, data parsing, field extractions, and data enrichment pipelines. Ensure the continuous availability and optimal performance of Splunk indexes, search heads, and forwarders.
- Utilize Splunk Enterprise Security: Leverage Splunk Enterprise Security to develop and implement security use cases, correlation searches, and notable events for threat detection and analysis. Monitor security-related alerts and incidents to identify and prioritize security threats.
- Utilize Trellix/Endpoint Security Solutions (ESS), formally Host Based Security System (HBSS) to detect and counter known threats.
- Collaborate with Cross-Functional Teams: Collaborate with cross-functional teams, including IT, network, and application teams, to integrate Splunk with various platforms and systems. Provide technical expertise in advising security on best practices and designing effective security controls.
- Investigate Security Incidents: Conduct in-depth investigations into security incidents, anomalies, and breaches using Splunk's forensic capabilities. Perform root cause analysis, incident triage, and post-incident reviews to identify gaps in security controls and recommend remediation actions.
- Documentation and Reporting: Document Splunk configuration, operational procedures, and security findings. Prepare comprehensive reports detailing security events, trends, and mitigation strategies. Communicate technical information effectively to non-technical stakeholders.
- Stay current with Industry Trends: Stay abreast of the latest cybersecurity threats, vulnerabilities, and industry best practices. Continuously enhance your knowledge of Splunk features and capabilities through self-study, professional training, and certifications.
- Individual must have a solid understanding of security information and event management (SIEM) concepts and best practices to include proficiency in troubleshooting Splunk configurations and performance issues.
- Ability to collaborate with other teams to investigate security incidents and provide insights for improving security posture.
Basic Qualifications for Cybersecurity Analyst:
- Bachelor’s degree with 2 years of experience OR a Master’s degree with 0 years of experience.
- U.S. Citizenship required
- A current/active DoD TS/SCI clearance
- Must possess DoD 8570 Certification for IAT Level II or higher prior to start date.
- Experience with a Security Information and Event Management (SIEM) tool.
- Ability to collaborate with other teams to investigate security incidents and provide insights for improving security posture.
- Working knowledge of network security controls such as routers, switches, firewalls and network access controls.
- Working Knowledge of Linux and Windows Operating Systems.
- Knowledge of vulnerabilities, threat detection, encryption, and security audits.
- Must be willing to work a Panama schedule that includes working 12-hour shifts.
Primary Level Salary Range: $79,300.00 - $118,900.00
The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.
Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.
The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.