Northrop Grumman Principal SIEM Application Analyst* in Martinsburg, West Virginia


Discover careers that change the world and further advancements in defense, technology, and engineering today at Northrop Grumman. Use your experience to grow your career and support our global customers with the technology, systems, and solutions they need to enable their missions on the front lines and secure our world every day. With Northrop Grumman, you'll discover a culture built on diversity, respect, and above all teamwork. Together with our group of experts across the technical spectrum, you'll discover opportunities to make a difference in our world and start solving some of the world's most critical problems in the most innovative ways.

Provide cyber security technical control services support as a Principal SIEM (Security Information and Event Management) Application Analyst during core duty hours and be available on-call. Support includes but is not limited to:

  • Security Tools & Technologies

  • Web Content, Application Based Firewalls, IDS/IPS Technologies - Palo Alto

  • Sourcefire

  • ASA Firewall Technologies - Cisco

  • Big Data and Enterprise Log Aggregation System Technologies - Splunk

  • SIEM Technologies - Splunk

Perform advanced planning, coordination and implementation of complex security models, configuration policy and process recommendations, to include the following:

  • Provide certification and accreditation support in the form of documentation of configurations and controls for all specialized network defense systems and software

  • Identify potential conflicts, via workgroups and meetings, with implementation and integration of specialized network defense systems within the network to protect the overall availability

  • Maintain a network defense test environment used to evaluate new applications, signatures, rules, filters and configurations of managed network defense systems

  • Conduct security policy configuration life-cycle management as required on security devices

  • Identify, develop and provide recommendations for improving security incident and event detection and security capabilities

  • Conduct formal and informal technical/engineering studies, analyses, acquisition and systems engineering support that are critical to enable achievement of program goals and objectives; the results shall be documented in Technical and Engineering Reports

  • Policy optimization of security devices:

a) Understand, identify and recommend optimizations to security configurations, and supporting security analytics through tailored detection, analysis, and response services to include the development of documentation, custom configurations, signatures, and dashboards

b) Analyze security measures that enhance data or operational capabilities

c) Perform ongoing analysis of security tools and evaluate available technology capabilities.

Job Category: Information Technology