Northrop Grumman Computer Systems Security Analyst* in Chicago, Illinois
Discover careers that change the world and further advancements in defense, technology, and engineering today at Northrop Grumman. Use your experience to grow your career and support our global customers with the technology, systems, and solutions they need to enable their missions on the front lines and secure our world every day. With Northrop Grumman, you'll discover a culture built on diversity, respect, and above all teamwork. Together with our group of experts across the technical spectrum, you'll discover opportunities to make a difference in our world and start solving some of the world's most critical problems in the most innovative ways.
Shift 2 Hours of Support provided include the following: 2:00 PM - 10:30 PM (CST)
Roles and Responsibilities:
Duties and responsibilities may include, but are not limited to:
• Utilize various security tools (e.g., Splunk, Splunk Enterprise Security, Palo Alto Networks, SourceFire, Cisco ASA) to
identify potential incidents, network intrusions, and malware events, etc. to ensure confidentiality, integrity, and availability
of VA architecture and information systems are protected
• Track investigations in Help Desk systems including Remedy and Service Now
• Utilization of Splunk ES SIEM to respond to incidents detected on the VA network
• Reviewing and analyzing log files to report any unusual or suspect activities
• Utilize incident response use-case workflows to follow established and repeatable processes for triaging and escalating
• Generating trouble tickets and performing initial validation and triage to determine whether incidents are security events.
• Complete investigations in to identified cyber events and hand over as appropriate
• Following established incident response procedures to ensure proper escalation, analysis and resolution of security
• Develop and maintain Incident Response procedures and Security SOPs.
• Analyzing and correlating incident event data to develop preliminary root cause and corresponding remediation strategy
• Communicate effectively to all customers and stakeholders
• Work with other contract teams to effectively respond to cyber incidents
• Providing technical support for new detection capabilities, recommendations to improve upon existing tools/capabilities to
protect the network and High Value Assets
Job Category : Information Technology