Northrop Grumman Principal Computer Systems Security Analyst - SPLUNK in Woodlawn, Maryland
Are you interested in expanding your career through experience and exposure, all while supporting a mission that seeks to ensure the security of our nation and its allies? If so, then Northrop Grumman is the place for you. As a leading global security company, we provide innovative systems, products and solutions to our customers worldwide. We are comprised of diverse professionals that bring different perspectives and ideas, understanding that the more experiences we bring to our work the more innovative we can be. As we continue to build our workforce we look for people that exemplify our core values, leadership characteristics, and approach to innovation.
Role and Responsibilities:
• Create Splunk dashboards and queries
• Maintaining and customizing queries for new and/or existing reports by incorporating most up-to-date data from the customer
• Developing high-level dashboards with visual metrics for OIS stakeholders
• Working with multiple data sources for reporting
• Analyzing security data, and trending report data
• Designing, building and configuring existing and new applications to meet business process requirements
• Experience using RegEx
• Review, process, and manage onboarding process and define required configurations for the request
• Implementing configuration to use universal forwarders, Syslog and OpenShift for production deployment
• Develop scripts and code with security tools
• Develop processes and schedule to review existing methodologies and queries for all divisional metrics
• Become knowledgeable on the CDM technical requirements for SSA's CDM program. Understand your role in CDM activities
• Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access
• Design, manage, and maintain agency SIEM infrastructure
• Maintenance, configuration and implementing products, appliances and devices on the SSA's network
• Providing expertise in data analytics and the ability to tune data to meet defined metrics
• Utilize Tanium endpoint security tools for software remediation requirements
• Developing and updating documentation for DSE procedures relating to data analytics, software authorization and onboarding processes
• Participate in weekly status meeting reports for data analytics, software authorization process and Onboarding
• Developing processes to migrate from existing manual unauthorized software reporting efforts to automated reports and dashboards using Tanium and Splunk
• Providing technical guidance for the implementation of software whitelisting and blacklisting tools
• Supporting bi-weekly unauthorized software reporting endeavor by analyzing and examining systems for unapproved use
• Provide analysis and technical expertise to incorporate the security exceptions process into the agency's whitelisting and blacklisting tool (e.g. Tanium)
• Assist internal agency staff with evaluating submitted security exception requests
• Team lead covering five (5) activities
• Prepare and submit all WSR, ETPRs and MMR management reports
• Strengthen relationships with SSA customer and technical team.
• Bachelor's degree and 7 years of experience, or Master's degree and 5 years of experience. An additional 4 years of applied experience may be substituted in lieu of a degree.
• Active and recent Splunk Administration certification (Power User)
• Minimum of 6 years experience using: Splunk, specifically Splunk scripting and Tanium
• Minimum of 4 years of experience with: SAS, Linux, VMware, RegEx
• In-depth knowledge of designing, upgrading, maintaining and implementing network devices on a large scale enterprise
• Demonstrated experience with the coordination and communication with other remotely deployed team members
• Demonstrated experience developing documentation with processes and procedures
• Demonstrated experience proposing and implementing automation features in a large enterprise environment
• Minimum of 3 years of experience in developing and tailoring reporting from network security tools.
• US Citizenship or Permanent Residency (Green Card holder) is required in order to obtain and maintain required Position of Public Trust clearance
• Certification in CISSP, CCNA, Security+, CEH, or ITIL
• Prior experience supporting the Social Security Administration or similar government agencies a plus
• Understanding of business processes supporting IT programs, networks, and/or cybersecurity programs
• Understanding of network technologies, work flows, IT reporting, etc.
• Must be a self-starter, position is remote from the other team members.
• Must communicate clearly to team members, be comfortable with coordination, collaboration and communication when performing network activities
Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.
Job Category : Information Technology