Northrop Grumman Looking for Cyber Incident Analyst Responder (SOC) at Tampa, FL Full Time

At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people’s lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation’s history – from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work – and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they’re making history.

Northrop Grumman Mission Systems is a trusted provider of mission-enabling solutions for global security. Our Engineering and Sciences (E&S) organization pushes the boundaries of innovation, redefines engineering capabilities, and drives advances in various sciences. Our team is chartered with providing the skills, innovative technologies to develop, design, produce and sustain optimized product lines across the sector while providing a decisive advantage to the warfighter. Come be a part of our mission!

We are looking for you to join our team as a Cyber Incident Analyst Responder based out of Tampa Fla. As a Cyber Incident Analyst Responder at Northrop Grumman you will have a challenging and rewarding opportunity to be a part of our Enterprise-wide digital transformation. Through the use of Model-based Engineering, DevSecOps and Agile practices we continue to evolve how we deliver critical national defense products and capabilities for the warfighter. Our success is grounded in our ability to embrace change, move quickly and continuously drive innovation. The successful candidate will be collaborative, open, transparent, and team-oriented with a focus on team empowerment & shared responsibility, flexibility, continuous learning, and a culture of automation.

The Cyber Incident Analyst Responder serves as a major contributor in the areas of Intrusion Detection and Prevention and serves as key component to our Network Threat detection activities in support of our program. The primary team is located in Tampa, Florida with distributed team members embedded directly with the customer.

Job Description:
Individuals collect and analyze event information and perform threat or target analysis duties. Provides operations for persistent monitoring on a 24/7 basis of all designated networks, enclaves, and systems. Interprets, analyzes, and reports all events and anomalies in accordance with Computer Network directives, including initiating, responding, and reporting discovered events. Manages and executes first-level responses and addresses reported or detected incidents. Reports to and coordinates with external organizations and authorities. Coordinates and distributes directives, vulnerability, and threat advisories to identified consumers. Provides daily summary reports of network events and activities and delivers metric reports.

Job Responsibilities:

• Knowledge of Splunk Enterprise SIEM products (ES, UBA, Phantom)
• Knowledge of crafting searches through search processing language (SPL)
• Conduct investigations via Splunk ES and Phantom playbooks to identify the root cause of an incident.
• Document key event details and analytical findings in analysis reports and incident management systems such as JIRA and Confluence.
• Produce and update technical analysis documentation (processes, procedures, analysis criteria, report templates, etc.).
• Conduct incident response procedures to react to threats and proactively hunt additional threats.

Basic Qualifications:

• 2 years of applicable experience with a Bachelors in Science; 0 Years with of applicable experience with a Masters; 0 NOTE: Four (4) years of additional experience can be substituted in lieu of degree
• US Citizenship is required with an active DoD Top Secret/SCI security clearance which was active in the last 24 months
• Must possess or be able to obtain DoD 8570 Certification for IAT Level II or higher within two (2) months of starting

Preferred Qualifications:

• DoD 8570 Certification for IAT Level III
• Vulnerability assessment experience
• Experience with Assured Compliance Assessment Solution (ACAS), Host Based Security System (HBSS), Splunk, and other enterprise security defense and forensic tools
• Working knowledge of network security controls such as routers, switches, firewalls, network access controls, and related solutions
• Working knowledge of Linux and Windows operating systems and applications

Salary Range: $64,600 USD – $97,000 USD

Employees may be eligible for a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.

The health and safety of our employees and their families is a top priority. The company encourages employees to remain up-to-date on their COVID-19 vaccinations. U.S. Northrop Grumman employees may be required, in the future, to be vaccinated or have an approved disability/medical or religious accommodation, pursuant to future court decisions and/or government action on the currently stayed federal contractor vaccine mandate under Executive Order 14042 https://www.saferfederalworkforce.gov/contractors/ .

Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit http://www.northropgrumman.com/EEO . U.S. Citizenship is required for most positions.