Northrop Grumman · 1 day ago
Principal Cybersecurity Analyst - R10219438
Northrop Grumman is a leader in technological advancements and is seeking a Principal Cybersecurity Analyst to join their team. The role involves utilizing SIEM tools, particularly Splunk, to detect and respond to security threats while collaborating with cross-functional teams to enhance security posture.
Aerospace · Data Integration · Manufacturing · Remote Sensing · Security
Responsibilities
Utilize your experience with a Security Information and Event Management (SIEM) tool. Splunk is preferred, but experience with an equivalent SIEM would be acceptable
Develop and Implement Splunk Queries: Create and optimize complex Splunk queries to extract, analyze, and visualize security data from diverse sources. Utilize Splunk Search Processing Language (SPL) to generate actionable insights for proactive threat detection and response
Design Splunk Dashboards and Reports: Design user-friendly Splunk dashboards and reports tailored to different stakeholders, such as security operations teams, management, and auditors. Provide real-time visibility into security events, trends, and key performance indicators
Configure and Maintain Splunk Infrastructure: Configure and fine-tune Splunk deployments, including data inputs, data parsing, field extractions, and data enrichment pipelines. Ensure the continuous availability and optimal performance of Splunk indexes, search heads, and forwarders
Utilize Splunk Enterprise Security: Leverage Splunk Enterprise Security to develop and implement security use cases, correlation searches, and notable events for threat detection and analysis. Monitor security-related alerts and incidents to identify and prioritize security threats
Utilize Trellix/Endpoint Security Solutions (ESS), formerly Host Based Security System (HBSS), to detect and counter known threats
Collaborate with Cross-Functional Teams: Collaborate with cross-functional teams, including IT, network, and application teams, to integrate Splunk with various platforms and systems. Provide technical expertise in advising security on best practices and designing effective security controls
Investigate Security Incidents: Conduct in-depth investigations into security incidents, anomalies, and breaches using Splunk's forensic capabilities. Perform root cause analysis, incident triage, and post-incident reviews to identify gaps in security controls and recommend remediation actions
Documentation and Reporting: Document Splunk configuration, operational procedures, and security findings. Prepare comprehensive reports detailing security events, trends, and mitigation strategies. Communicate technical information effectively to non-technical stakeholders
Stay Current with Industry Trends: Stay abreast of the latest cybersecurity threats, vulnerabilities, and industry best practices. Continuously enhance your knowledge of Splunk features and capabilities through self-study, professional training, and certifications
Individual must have a solid understanding of security information and event management (SIEM) concepts and best practices, including proficiency in troubleshooting Splunk configurations and performance issues
Ability to collaborate with other teams to investigate security incidents and provide insights for improving security posture
Qualifications
Required
Bachelor's degree with 2 years of experience OR a Master's degree with 0 years of experience
US Citizenship is required with an active DoD Top Secret/SCI security clearance
Must possess DoD 8570 Certification for IAT Level II or higher prior to start date
Experience with a Security Information and Event Management (SIEM) tool
Working knowledge of network security controls such as routers, switches, firewalls and network access controls
Proficiency with both Linux and Windows Operating Systems
Knowledge of vulnerabilities, threat detection, encryption, and security audits
Bachelor's degree with 5 years of experience; OR a Master's degree with 3 years of experience; OR a PhD with 1 year of experience
Ability to collaborate with other teams to investigate security incidents and provide insights for improving security posture
Preferred
DoD 8570 Certification for IAT Level III
Proven experience with Splunk (or equivalent SIEM) front-end and/or back-end functionalities
Experience with Trellix/Endpoint Security Solutions (ESS), formerly Host Based Security System (HBSS)
Familiarity with scripting languages such as Python, PowerShell, or Bash
Relevant certifications (e.g., Splunk Core Certified Power User, Splunk Enterprise Certified Admin)
Proven knowledge of network security controls such as routers, switches, firewalls, network access controls, and related solutions
Proven knowledge of Linux and Windows operating systems and applications
Excellent analytical and problem-solving skills
Benefits
Health insurance coverage
Life and disability insurance
Savings plan
Company paid holidays
Paid time off (PTO) for vacation and/or personal business
Company
Northrop Grumman
Northrop Grumman is an aerospace, defense and security company that provides training and satellite ground network communications software.
Funding
Current Stage: Public Company
Total Funding: $3.7B
Key Investors: U.S. Department of Defense, NASA
2025-05-27 · Post IPO Debt · $1B
2024-01-29 · Post IPO Debt · $2.5B
2023-12-20 · Grant · $72M
Company data provided by crunchbase