Security Operations Center (SOC) AnalystTampa, FL

Requisition ID: R10156050

  • Category: Information Technology

  • Location: Tampa, Florida, United States of America

  • Clearance Type: Top Secret

  • Telecommute: No- Teleworking not available for this position

  • Shift: Days (United States of America)

  • Travel Required: Yes, 10% of the Time

  • Relocation Assistance: Relocation assistance may be available

  • Positions Available: 1

At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work — and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history.

Northrop Grumman Mission Systems is actively seeking an experienced Security Operations Center (SOC) Analyst to fill a role that requires a broad array of knowledge and skills working with team members to support a Cyber Security program based in Tampa, FL.

Our team is always looking for highly motivated individuals with impeccable work ethic and a strong ability to work in a collaborative dynamic team environment. This provides an environment to grow your expertise and sharpen your skills & knowledge. The primary team is located in Tampa, Florida with distributed team members embedded directly with the customer.

Job Responsibilities:

In this position you will:

  • Individual must have experience with a Security Information and Event Management (SIEM) tool. Splunk is the preferred, but experience with an equivalent SIEM would be acceptable.

  • Develop and Implement Splunk Queries: Create and optimize complex Splunk queries to extract, analyze, and visualize security data from diverse sources. Utilize Splunk Search Processing Language (SPL) to generate actionable insights for proactive threat detection and response.

  • Design Splunk Dashboards and Reports: Design user-friendly Splunk dashboards and reports tailored to different stakeholders, such as security operations teams, management, and auditors. Provide real-time visibility into security events, trends, and key performance indicators.

  • Configure and Maintain Splunk Infrastructure: Configure and fine-tune Splunk deployments, including data inputs, data parsing, field extractions, and data enrichment pipelines. Ensure the continuous availability and optimal performance of Splunk indexes, search heads, and forwarders.

  • Utilize Splunk Enterprise Security: Leverage Splunk Enterprise Security to develop and implement security use cases, correlation searches, and notable events for threat detection and analysis. Monitor security-related alerts and incidents to identify and prioritize security threats.

  • Collaborate with Cross-Functional Teams: Collaborate with cross-functional teams, including IT, network, and application teams, to integrate Splunk with various platforms and systems. Provide technical expertise in advising on security best practices and designing effective security controls.

  • Investigate Security Incidents: Conduct in-depth investigations into security incidents, anomalies, and breaches using Splunk's forensic capabilities. Perform root cause analysis, incident triage, and post-incident reviews to identify gaps in security controls and recommend remediation actions.

  • Documentation and Reporting: Document Splunk configuration, operational procedures, and security findings. Prepare comprehensive reports detailing security events, trends, and mitigation strategies. Communicate technical information effectively to non-technical stakeholders.

  • Stay Current with Industry Trends: Stay abreast of the latest cybersecurity threats, vulnerabilities, and industry best practices. Continuously enhance your knowledge of Splunk features and capabilities through self-study, professional training, and certifications.

  • Individual must have a solid understanding of security information and event management (SIEM) concepts and best practices to include proficiency in troubleshooting Splunk configurations and performance issues.

  • Ability to collaborate with security teams to investigate security incidents and provide insights for improving security posture.

Minimum Education / Experience for Principal Cyber Info Assurance Analyst: 5 Years with Bachelor of Science; 3 Years with Masters; 0 with PhD / NOTE: Four (4) years of additional experience can be substituted in lieu of degree.

Basic Qualifications:

  • US Citizenship is required with an active DoD Top Secret/SCI security clearance which was active in the last 24 months.

  • Must possess DoD 8570 Certification for IAT Level II or higher prior to start date

Preferred Qualifications:

  • DoD 8570 Certification for IAT Level III.

  • Proven experience with Splunk (or equivalent SIEM) front-end and/or back-end functionalities.

  • Familiarity with scripting languages such as Python, PowerShell, or Bash.

  • Relevant certifications (e.g., Splunk Core Certified Power User, Splunk Enterprise Certified Admin).

  • Working knowledge of network security controls such as routers, switches, firewalls, network access controls, and related solutions.

  • Working knowledge of Linux and Windows operating systems and applications.

  • Excellent analytical and problem-solving skills.

What to expect:

  • During the first 30 days of employment onboarding activities to include Northrop Grumman training requirements, program overviews, system architecture familiarization, and department-specific training will establish a solid foundation for the new team member. Introductions to management and team leads will provide insight into the team dynamics while identifying key areas where you will provide value to the mission.

  • Day 30 through 90 will consist of further integration to the team and actively sitting with tenured members to gain a better understanding of daily tasks and requirements. Tasks will be assigned in accordance with the appropriate pace needed to guarantee your success.

  • Day 90 and onward will consist of mission focused opportunities with the possibility to collaborate across several teams. From leading day-to-day activities, to testing cutting-edge feature enhancements to the enterprise architecture, you will have the ability to invest in your future while delivering maximum value to our customer’s mission.

Total rewards:

  • In addition to the competitive pay and 40 hours of PTO on day 1, as a full-time employee of Northrop Grumman, you are eligible for our competitive benefits package including:

  • - Medical, Dental & Vision coverage

  • - 401k 6% Matching

  • - Educational Assistance ($10,000 a year) / Certification Reimbursement

  • - Life Insurance

  • - Employee Assistance Programs & Work/Life Solutions

  • - Paid Time Off

  • - Health & Wellness Resources

  • - Employee Discounts

  • - Diversity, Equity & Inclusion resources

  • - Veteran Resources

#SEWCYBERFLA

#NGFeaturedJobs

Learn more about the exciting mission at Northrop Grumman:

Salary Range: $92,600 - $139,000

The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.

Employees may be eligible for a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.

The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.

Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit. U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.