Raytheon Veterans Jobs

Job Information

Raytheon Technologies Digital Forensic Incident Response Analyst in Dulles, Virginia

Raytheon Intelligence & Space seeking a DIGITAL FORENSICS & INCIDENT RESPONSE (DFIR) / MALWARE REVERSE-ENGINEER. The effective candidate will be able to effectively perform forensic analysis of digital information, gather and handle evidence in support of incident response investigations. Additionally, the candidate will be expected to perform malware reverse engineering to support such investigations. This candidate will also lead the investigations and closely interface with the customer . Ensuring customer satisfaction throughout all phases and post phases of the investigation

This position is contingent upon contract award

This position is 100% on-site at customer location in Washington, DC

There is no relocation associated with this position.


This position will be a combination of remote and onsite support . Candidate must be able and willing to travel, as required .


  • Digital Forensics and Incident Response (DFIR)

  • Determination of wrong doing facilitated by IT systems or mobile devices

  • Mitigation for insider threat and disgruntled employee data loss

  • Malicious code scans – for our customers and before and after Raytheon overseas travel as requested

  • Hard drive forensics

  • Intellectual property theft

  • Misuse and abuse cases (i.e., viewing adult content, timecard fraud, etc.)

  • HR/EEOC related cases

  • Recovery of files (maliciously deleted or accidental)

  • System sabotage

  • Misuse of computer equipment (USB, phones)

  • Exposure or loss of company property data

  • Employee termination/RIF to analyze hard drive for data loss

  • Incident response

  • Analysis to determine if an exploit/vulnerability was used by an attacker

  • Breaches

  • Data exfiltration

  • Ransomware – recovery attempt of files that have been encrypted, determination of IIV, and recommendations to secure the network and limit future attacks

  • A/V alert for malware

  • Website analysis for defacement, web shells

  • Proactive hunting for malware on systems

  • Malware analysis, reverse engineering

  • Indicators from security alerts

  • Determination of what occurred on a system

  • Host hunting for malware

  • Memory forensics

  • Malware cases

  • Data exfiltration cases

  • Hunting for malware in memory

  • Mobile device forensics

  • Mobile malware

  • Mobile recovery of data

  • Text message recovery and call log

  • Data exfiltration

  • Communication/Client Engagement / Responsiveness

  • Collaboration with the client’s Security Organization via email, conference call, and phone

  • Responsiveness to client-initiated requests and reports

  • Reporting and communications consistent with client SLAs

  • Support client Service Level Agreements related to alert, event/incident, request/report responsiveness

  • Support development of shift reports, Situation Reports and After Action Reports

  • Engagement and communication with Managed SOC Services resources to perform as one CSIRT

  • Duties as assigned by the Leads or Project Manager including:

  • Performs forensics analysis of digital information and gather and handle evidence in support of legal or incident response investigations

  • Identify network computer intrusion evidence and perpetrators.

  • Investigate computer fraud or other electronic crimes, cracks files and system passwords, detects steganography and recovers deleted, fragmented and corrupted data from digital media of all types

  • Ensure chain of custody and control procedures, documents procedures and findings and prepares comprehensive written notes and reports

  • Recommend hardware, software, and develop policies and procedures for forensics analysis on devices and networks

  • Participate in customer calls and meetings on a regular basis

  • Maintain current knowledge of relevant technology and trends.

  • Prepare and give oral out briefs along with full presentations to technical and executive leadership

  • L essons learned documentation with Recommendations, remediation, and a planned path forward

  • Other duties as assigned


  • Bachelor's Degree and 8+ years of related experience (concentration of security operations and analysis) or equivalent experience


  • Proficient with network-based forensics, host-based forensics, malware reverse engineering and incident response/handling

  • Experienced with one or more of the following: EnCase, FTK, X-Ways, SIFT

  • Experience with memory forensic tools like Volatility

  • Experienced with SIEM technologies such as Splunk

  • Experienced with WireShark, TCPDump, and open source forensic tools

  • Excellent written and verbal communication skills

  • Personality traits: Naturally curious and inquisitive nature; perseverant and motivated; loves solving problems and puzzles; analytically rigorous; uncompromising integrity.

  • US Citizenship required


  • Experience with RSA Netwitness, Splunk, FireEye NX, EX, HX, AX, Carbon Black Response , RSA Archer

  • Experience with firewalls, routers or antivirus appliances DESIRED CERTIFICATIONS:

    One or more of the following: - GCFE - GCFA - GNFA - GREM - EnCE


Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, age, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.