Raytheon Technologies CSOC Analyst in Morrisville, North Carolina
This position is CONTINGENT upon funding, an open position, customer approval, completion of a favorable background investigation, and the ability to obtain and maintain a USPS sensitive clearance.
A CSOC Analyst is needed with experience in Security Operations Centers (SOC), Cyber Security Operations Centers (CSOC), and Cyber Incident Response Team (CIRT). The ideal candidate for this job will be an experienced information security practitioner who is goal-oriented and strives to exceed expectations.
This position could support any of the following shifts below (based on customer needs/requirements):
11:30 PM - 8:00 AM
7:00 AM - 7:00 PM
7:00 PM - 7:00 AM
Evening Shift: 3:30PM - 12:00AM (midnight)
Job responsibilities will include:
Participates in a team of Security operations engineers investigating alerts, anomalies, errors, intrusions, malware, etc. to identify the responsible, determine remediation, and recommend security improvements
Follows precise analytical paths to determine the nature and extent of problems being reported by tools, e-mails, etc
Follows strict guidance on reporting requirements
Keeps management informed with precise, unvarnished information about security posture and events
Promotes standards-based workflow both internally and in coordinating with US-CERT
Engages with other internal and external parties to get and share information to improve processes and security posture
Supervises and guide team efforts
Communicates to CISO leadership
Produces design documentation
Leads analyzing/investigating reports or anomalies
Must be eligible to obtain a sensitive clearance – Position of Public Trust – and may be required to obtain a higher security clearance
Must have Cloud experience
Must have Event Log Analysis
6+ years of relevant work experience and a Bachelor's degree for an G09
Knowledge of networking protocols and security implications
Knowledge of IP networking and network security including Intrusion Detection
Ensuring firewall security standards are met
Extensive Windows, Linux, Database, Application, Web server, etc. log analysis
Trouble ticket generation and processing experience
Extensive experience troubleshooting security reports on Linux, Windows, routers, firewalls, applications, etc.
Experience scripting with PowerShell, bash/ksh/sh, Cisco IOS.sh, JunOS sh/csh, Perl, Tcl, Lua
Familiarity with common network vulnerability/penetration testing tools including, but not limited to, Metasploit, vulnerability scanners, Kali Linux, and Nmap.
Some experience with system hardening guidance and tools
Security documentation experience (DIACAP/RMF)
Some Splunk query-development expertise
Experience on an Incident Response team performing Tier I/II initial incident triage.
Experience guiding junior analysts
Experience guiding junior Security operations teams in incident response
Strong verbal/written communication and interpersonal skills to effectively communicate findings, escalate critical incidents, and interact with Sec Ops leadership.
Must be highly motivated with the ability to self-start, prioritize, multi-task and work in a team setting.
Splunk experience, developing queries, data models, and dashboards
Cloud monitoring experience is a plus
Excellent writing skills
Bachelor of Science Degree with a major in Computer Science/Computer Engineering, Engineering, Science or a related field.
Two years of related work experience may be substituted for each year of degree-level education.
Certifications (one or more desired):
DOD 8570.1-M Compliance at IAT Level II; CISSP, Certified Ethical Hacker (C|EH), Sec+, SFCP, GCIA, ISSEP, ISSMP, GCIH, GCFA, CSLC, CISM, or CCNA
Relocation assistance is not provided.
This is a full-time salaried position.
Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, age, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.