Raytheon Veterans Jobs

Job Information

Raytheon Technologies Cyber Incident Handler in Rosslyn, Virginia

Raytheon Intelligence & Space (RIS) – Cybersecurity, Training & Services (CTS) has an immediate opening for a Cyber Incident Handler to support a U.S. Federal Agency contract. The role enables mission accomplishment by determining the appropriate course of action in response to identified cyber security incidents or anomalous network activity, performing advanced analysis to include malware triage and dynamic analysis, conducting forensic seizures of hardware, and determining the scope of compromise during a cyber incident.

The handler also prepares detailed recommendations for network defense improvements to mitigate incidents and recommends enterprise protection measures based on incident trends.

Work Location: National Capital Region (Rosslyn, VA)

Job Description:

Individuals collect and analyze event information and perform threat or target analysis duties.

Provides operations for persistent monitoring on a 24/7 basis of all designated networks, enclaves, and systems.

Interprets, analyzes, and reports all events and anomalies in accordance with Computer Network directives, including initiating, responding, and reporting discovered events.

Manages and executes first-level responses and addresses reported or detected incidents.

Reports to and coordinates with external organizations and authorities.

Coordinates and distributes directives, vulnerability, and threat advisories to identified consumers.

Provides daily summary reports of network events and activities and delivers metric reports.

Responsibilities:

Shall perform specific activities that include, but are not limited to, the following:

Detect, classify, process, track, and report on cyber security events and incidents

Coordinate and collaborate with Department teams as needed to analyze and respond to events and incidents

Perform triage and response capabilities 24x7x365

Contribute input to the Cyber Security Daily (CSD)

Monitor and triage the CIRT hotline, email inboxes, and fax

Create tickets and initiate workflows as instructed in SOPs

Report incident information to the U.S. CERT

Collaborate with other local, national and international CIRTs as directed

Deliver and oversee remediation activities

Perform initial triage and analysis of detected security events

Perform network monitoring 24x7x365 for the Department’s networks

Escalate events to malware analysts for further investigation

Contribute input to the Cyber Security Daily (CSD)

Identify and recommend new techniques for inclusion in monitoring strategy

Required Skills:

Knowledge of conducting vulnerability scans; identifying, capturing, containing, and reporting malware; and analyzing network traffic capacity and performance characteristics.

Experience with detecting host- and network-based intrusions via intrusion detection technologies (e.g., Snort) and preserving evidence integrity according to standard operating procedures or national standards.

Ability to use penetration testing tools and techniques and social engineering techniques (e.g., phishing, baiting, tailgating, etc.).

Skill in tuning sensors, using incident handling methodologies, and using network management tools (e.g., simple network management protocol) and protocol analyzers to analyze network traffic patterns.

Knowledge of recognizing and categorizing types of vulnerabilities and associated attacks, protecting a network against malware (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters), analyzing malware, and performing packet-level analysis.

Experience with assessing security controls based on cybersecurity principles and tenets (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.).

Ability to recognize vulnerabilities in security and privacy systems (e.g., vulnerability and compliance scanning), conduct trend analysis, use security event correlation tools, and analyze traffic to identify network devices.

Personality traits: Naturally curious and inquisitive nature; persistent and determined; enjoys solving problems and puzzles; analytically rigorous; uncompromising integrity

Excellent writing, communications, and briefing skills

Demonstrated ability to document processes

Proficiency with MS Office Applications

Must be able to work collaboratively across teams and physical locations

Willing to work rotating shifts

Must have the ability to obtain a Secret clearance

Required Certifications:

Possess at least one relevant professional designation or related advanced IT certification, including, but not limited to, the following:

Certified Information Systems Security Professional (CISSP)

GIAC Certified Incident Handler (GCIH)

GIAC Certified Intrusion Analyst (GCIA)

GIAC Network Forensic Analyst (GNFA)

GIAC Certified Forensic Analyst (GCFA)

Desired Skills:

Experience with RSA Netwitness, Splunk, FireEye NX, EX, HX, AX, Carbon Black Response, RSA Archer

Experience with firewalls, routers or antivirus appliances

Experience working on a 24x7x365 watch desk environment

Experience with industry standard help desk tools

Experience with Security Information and Event Management (SIEM) systems

Experience with Network Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS)

Experience with Network and Host malware detection and prevention

Experience with Network and Host forensic applications

Experience with Web/Email gateway security technologies

Experience with Splunk, Windows PowerShell, or similar technologies

Desired Certifications:

Possess at least one relevant professional designation or related advanced IT certification, including, but not limited to, the following:

Certified Computer Security Incident Handler (CSIH)

EC-Council Certified Incident Handler (ECIH)

EC-Council Certified Ethical Hacker (CEH)

GIAC Certified Enterprise Defender (GCED)

GIAC Security Expert (GSE)

Certified Information Security Manager (CISM)

Certified Ethical Hacker (CEH)

Required Education (including Major):

Bachelor of Science Degree with major in Computer Science/Electrical Engineering, Engineering, Science or related field.

Must have a minimum of 0-1 year experience or equivalent education and experience.

Occasional travel within CONUS and OCONUS is required

165384

Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, age, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.
