Raytheon Technologies Peneteration Test Engineer in Khobar, Saudi Arabia
Raytheon is currently looking for candidates to fill a Penetration Testing Engineer role located in Riyadh, Saudi Arabia or Eastern Province, Saudi Arabia. Support an international engagement to enable mission accomplishment by analyzing all relevant cyber security event data and other information sources for suspicious network traffic, attack indicators and potential security breaches; produce reports, assist in coordination during incidents. In support of the customer’s strategic direction, key team members support the Cyber Security Operations Center (CSOC) employing original technologies and techniques.
This position will be handling assignments of the penetration tester and the vulnerability & assessment analyst. An experienced professional in Computer Network Defense (CND) and Cyber Security Operations Center (CSOC) testing supporting multiple customers. This person will serve as the penetration team lead within the CSOC overseeing the Mission Integrated Product Teams (IPTs) personnel supporting the CND mission. Candidate will spearhead development of a CND pen testing capability as well identify incident response processes, procedures, and is expected to provide on-site technical support to a team that provides 24x7 monitoring of the cyber security capabilities at a customer facility. The candidate also provides daily situational awareness to the Penetration (PEN) Testing/Incident Response Manager concerning operational security posture of the Agency’s and Client networks. The candidate will coordinate with all team leads to ensure analysts; processes and technology are meeting agency service level objectives and metrics. The penetration lead ensures the penetration tester and vulnerability & assessment analyst adhere to established standard operating procedures (SOPs) and produces reports on cyber laboratory performance.
• Creating system roles, assigning permissions to roles and roles to users, registering users into the knowledge base and viewing knowledge base reports.
• Provide meaningful advice and recommendations to the development team in establishing initial cyber laboratory operational capabilities
• Provide day-to-day direction of malware and forensics personnel identified to meet program goals
• Provide overall support to CSOC Mission IPTs to ensure lab requirements are met to support monitoring, analysis and remediation activities concerning significant events/threats to the agency’s or client security baseline posture.
• Responsible to senior management and client for compliance of the security baseline of information systems within CSOC.
• Responsible for definition of, and collection of metrics to support system security.
• Identifies opportunities for continual improvement, including industry best practices and recommends changes to the CSOC systems and reporting process.
• Responsible for the development and collection of metrics concerning analysis for CSOC systems as well as identifying processes to insure program adherence to reporting criteria.
• Develop and maintain training and certification program for current and future cyber laboratory personnel.
• Produce quarterly briefings for client leadership detailing laboratory security posture and network operational status as well as outline recommended mitigation plans concerning vulnerability eradication.
• Willing to work rotating shifts with moderate overtime
• Extensive experience with cyber security engineering projects and programs
• 10 years demonstrated experience developing design, deployment, and operations of complex to highly complex information technology systems
• 10 years demonstrated experience in cyber security to include practices/methodologies, associated technologies, application design, and/or experience in an operational environment.
• Thorough understanding of security design and architecture
• Demonstrated ability to develop multiple teams in a dynamic environment
• Must be able to work collaboratively across agencies and physical locations
• Deep Intelligence fusion and critical thinking capability
• Excellent technical project management skills with demonstrated experience delivering cyber security systems to government and commercial clients
• Demonstrated ability to brief senior management
• Experience establishing and maintaining good working relationships in all levels of the organization, including customers, organizations, internal management, and support organizations
• Excellent leadership and communication skills, including negotiations experience
• Familiar with Computer Network Defense (CND) and Incident Response Team Daily Reports and Briefings
• Working knowledge of network protocols and common services such as DNS, FTP, email, TCP/ICMP/UDP
• Ability to assess information of network threats such as scans, computer viruses or complex attacks
• Working knowledge of WAN/LAN concepts and technologies
• Extensive experience with six or more of the following:
o Security COTS integration
o Security Incident Event Management
o Insider Threat Monitoring
o Operating System Hardening
o Vulnerability Assessment testing
o Penetration Testing
o Identification and Authentication schemes
o Public Key Infrastructure and Identity Management
o Cross Domain Solutions
o Computer Network Exploitation (CNE)
o Computer Network Operations (CNO)
o Malware Analysis
o Forensics Analysis
o Reverse Software Engineering
o Wireless device security applications
o Security engineering
• Excellent writing skills
• Experience establishing and maintaining good working relationships in all levels of the organization, including customers, prime contractor organizations, internal management, and support organizations
• Continually identify product enhancements and refinements concerning technology solution(s)
• Certified Information Systems Security Professional (CISSP) or
• GIAC Certified Incident Handler (GCIH)
• GIAC Certified Enterprise Defender (GCED)
• Certified Information Security Manager (CISM)
• GIAC Security Expert (GSE)
• Certified Information Systems Security Professional (CISSP) or Information System Security Management Professional (ISSMP)
• Certified Ethical Hacker (CEH) or GIAC Intrusion Analyst (GCIA)
• Project Management Professional Certification (PMP)
Required Education (including Major):
BS Computer Science, Computer Engineering, Computer Information Systems, OR Computer Systems Engineering. Must have a minimum of 10+ years’ experience or equivalent education and experience. Master’s Degree preferred.