
Raytheon Technologies Cyber Monitoring Lead in Rosslyn, Virginia

Raytheon Intelligence & Space (RIS) – Cybersecurity, Training & Services (CTS) has an immediate opening for a Cyber Monitoring Analyst to support a U.S. Federal Agency contract. The role enables mission accomplishment by monitoring networks for potential security issues or events using standard monitoring tools, investigating potential security breaches or other identified security events, researching SIEM alert trends, identifying opportunities to tune content and filtering, preparing monthly, quarterly, and/or annual reports, and updating Standard Operating Procedures (SOPs) as necessary.

Apply threat intelligence to enable and support network defense operations, identify network security and technology gaps and make informed recommendations to improve customer security posture.

Provide guidance to mid-level and junior analysts in handling technical issues, collaborate with threat intelligence, hunt, and Digital Forensics / Incident Response (DFIR) teams.

Work Location: National Capital Region (Rosslyn, VA)

Job Description:

Conducts research and evaluates technical and all-source intelligence with specific emphasis on network operations and cyber warfare tactics, techniques, and procedures focused on the threat to networked weapons platforms and US and DoD information networks.

Analyzes network events to determine the impact on current operations and conducts all-source research to determine adversary capability and intent.

Prepares assessments and cyber threat profiles of current events based on the sophisticated collection, research and analysis of classified and open source information.

Correlates threat data from various sources.

Develops and maintains analytical procedures to meet changing requirements and ensure maximum operations.

Collects data using a combination of standard intelligence methods and business processes.

Produces high-quality papers, presentations, recommendations, and findings for senior US government intelligence and network operations officials.

Responsibilities:

Shall perform specific activities that include, but are not limited to, the following:

Perform initial triage and analysis of detected security events

Perform network monitoring 24x7x365 for the Department’s networks

Escalate events to malware analysts for further investigation

Contribute input to the Cyber Security Daily (CSD)

Identify and recommend new techniques for inclusion in monitoring strategy

Train and mentor mid-level and junior monitoring analysts

Required Skills:

Current experience with network intrusion detection and response operations (Protect, Defend, Respond and Sustain methodology)

Experience in the detection, response, mitigation, and/or reporting of cyber threats affecting client networks and one or more of the following:

Experience in computer intrusion analysis and incident response

Working knowledge of intrusion detection/protection systems

Knowledge and understanding of network devices, multiple operating systems, and secure architectures

Working knowledge of network protocols and common services

System log analysis

Experience responding to and resolving situations caused by network attacks

Ability to assess information of network threats such as scans, computer viruses or complex attacks

Working knowledge of WAN/LAN concepts and technologies

SIEM content analysis, development, and testing

Experience with SIEMs (such as NetWitness, Splunk, SumoLogic, QRadar)

Experience with EDR solutions (Carbon Black, Crowdstrike, FireEye, SentinelOne)

Familiarity with packet analysis to include: HTTP Headers & Status codes, SMTP Traffic & Status codes, FTP Traffic & Status Codes

Excellent written and verbal communication skills

Prior experience working in any of the following:

Security Operations Center (SOC)

Network Operations Center (NOC)

Computer Incident Response Team (CIRT)

Knowledge of and practical experience with integrating COTS or open source tools

Personality traits: Naturally curious and inquisitive nature; persistent and determined; loves solving problems and puzzles; analytically rigorous; uncompromising integrity

Demonstrated ability to document processes

Proficiency with MS Office Applications

Must be able to work collaboratively across teams and physical locations

Willing to work rotating shifts

Must have an Active TS and the ability to obtain a TS/SCI.

Required Certifications:

Possess at least one relevant professional designation or related advanced IT certification, including but not limited to the following:

Certified Information Systems Security Professional (CISSP)

GIAC Certified Incident Handler (GCIH)

GIAC Network Forensic Analyst (GNFA)

GIAC Intrusion Analyst (GCIA)

Desired Skills:

Knowledge of RSA NetWitness, Splunk, FireEye NX, EX, HX, AX, Carbon Black Response, RSA Archer, firewalls, routers, or antivirus appliances

Experience with industry standard help desk tools and with working in a 24x7x365 watch desk environment

Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems, analyzing network traffic capacity and performance characteristics, detecting host and network based intrusions via intrusion detection technologies (e.g., Snort)

Ability to develop and deploy signatures, determining how a security system should work (including its resilience and dependability capabilities), evaluating the adequacy of security designs

Knowledge of penetration testing tools and techniques; virtual machines (e.g., Microsoft Hyper-V, VMware vSphere, Citrix XenDesktop/Server, Amazon Elastic Compute Cloud, etc.); and conducting forensic analyses in multiple operating system environments (e.g., mobile device systems)

Experience in configuring and utilizing software-based computer protection tools (e.g., software firewalls, antivirus software, and anti-spyware), recognizing and categorizing types of vulnerabilities and associated attacks, using network analysis tools to identify vulnerabilities (e.g., fuzzing, nmap, etc.), and configuring and utilizing network protection components (e.g., firewalls, VPNs, network intrusion detection systems)

Desired Certifications:

Possess at least one relevant professional designation or related advanced IT certification, including but not limited to the following:

GIAC Certified Enterprise Defender (GCED)

GIAC Security Expert (GSE)

Certified Information Security Manager (CISM)

Certified Ethical Hacker (CEH)

Required Education (including Major):

Bachelor of Science Degree with major in Computer Science/Electrical Engineering, Engineering, Science or related field.

Must have a minimum of 9+ years’ experience or equivalent education and experience.

Occasional travel within CONUS and OCONUS is required.

Requisition ID: 165543

Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, age, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.
