Northrop Grumman

SIEM Administrator

Position Description

Northrop Grumman is seeking a motivated professional to join our team as a Security Information & Event Management (SIEM) Administrator. This position is located in Quantico, VA. The SIEM Administrator will support the Senior Cyber Security Manager within the DSS Cyber Network Defense (CND) unit and will perform design, management and configuration tasks related to the SIEM, along with data feed on-boarding, capacity planning and content development. The successful candidate will work closely with cyber security professionals from the Security Operation Center and Incident management specialists to maintain and continuously improve the security monitoring and alerting infrastructure.

The successful candidate will possess and apply comprehensive knowledge across key tasks and high-impact assignments, plan and lead major technology assignments, evaluate performance results, and recommend major changes affecting program success.

Roles and Responsibilities

  • Configure and administer the security information and event management (SIEM); provide advanced expertise to maximize the capabilities of the SIEM in order to collect and keep audit data to support technical analysis relating to misuse, penetration, or other incidents involving IT under DSS purview.
  • Installation and management of SIEM infrastructure
  • Develop SIEM content specific to the attack vectors and threats
  • Co-ordinate extensively with networking teams to maintain and establish communication to remote SIEM Collectors/Processors.
  • Integrate all security and application log data into SIEM
  • Work with Incident and Vulnerability management teams tuning the SIEM application to suppress or alert on false positive security events.
  • Closely work with offering teams on implementation and growth planning for installations of event processors/collectors.
  • Break-fix triage, resolution and restoration of service for SIEM application and event collector images.
  • Configure SIEM to be able to collect and analyze event logs, personal accounts, system inventories and other sources to determine root cause and incident response measures.
  • Improve information and knowledge sharing capabilities.
  • Develop and recommend detailed solutions for network defense improvements to reduce or mitigate incidents

DSSEITS

Basic Qualifications:

  • 6 years of Cyber Security experience with a Bachelor's degree in a technical specialty: cyber security, computer science, or similar field (4 years of experience with a Master's). May accept four (4) years of additional relevant experience in lieu of a degree.
  • At least three (3) years of experience successfully administrating a centralized SIEM system.
  • At least 3 years of Linux Operating System (OS) Administration experience
  • Experience developing SIEM content
  • Experience integrating McAfee HBSS and other security tools into SIEM
  • Experience developing custom feeds into SIEM
  • IAT-I, II or III IA Baseline Certification (SEC , CISSP preferred)
  • CND Incident Responder IA Baseline Certification Incident Responder: (CEH, GCIA, GCIH, GCFA)
  • Computing Environment or OS Certificate
  • Must possess an active/current TS/SCI clearance.

Preferred Qualifications:

  • CCNA certification
  • ITIL v3 certification
  • Experience with forensic investigation procedures and tools, e.g., EnCase Forensic.
  • CJCSM 6510.01B Cyber incident and reporting management experience.
  • Familiar with any of the following: Akamai, ArcSight, Splunk, QRadar, McAfee ESM

Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.

Job ID: 60b65830d27bc441e8052052111ca61d
Employment Type: Other

Perks and Benefits

  • Health and Wellness

    • Health Insurance
    • Dental Insurance
    • Vision Insurance
    • Life Insurance
    • Short-Term Disability
    • Long-Term Disability
    • HSA
    • HSA With Employer Contribution
    • On-Site Gym
    • Pet Insurance
    • Mental Health Benefits
    • Virtual Fitness Classes
  • Parental Benefits

    • Birth Parent or Maternity Leave
    • Non-Birth Parent or Paternity Leave
    • Fertility Benefits
    • Adoption Assistance Program
    • Family Support Resources
    • Adoption Leave
  • Work Flexibility

    • Flexible Work Hours
    • Remote Work Opportunities
    • Hybrid Work Opportunities
    • Four-Day Work Week
  • Office Life and Perks

    • Commuter Benefits Program
    • Company Outings
    • On-Site Cafeteria
    • Holiday Events
  • Vacation and Time Off

    • Paid Vacation
    • Paid Holidays
    • Sabbatical
    • Leave of Absence
  • Financial and Retirement

    • 401(K)
    • 401(K) With Company Matching
    • Performance Bonus
    • Relocation Assistance
    • Financial Counseling
    • Profit Sharing
  • Professional Development

    • Tuition Reimbursement
    • Promote From Within
    • Mentor Program
    • Shadowing Opportunities
    • Access to Online Courses
    • Lunch and Learns
    • Internship Program
    • Leadership Training Program
    • Associate or Rotational Training Program
  • Diversity and Inclusion

    • Diversity, Equity, and Inclusion Program
    • Employee Resource Groups (ERG)
    • Woman founded/led

This job is no longer available.
