Raytheon Veterans Jobs

Job Information

Raytheon Technologies Vulnerability Assessment Analyst in Rosslyn, Virginia

Raytheon Intelligence & Space (RIS) – Cybersecurity, Training & Services (CTS) has an immediate opening for a cleared Vulnerability Assessment Analyst to support a U.S. Federal Agency contract to enable mission accomplishment by performing analysis of all known vulnerabilities present on all Department systems and creation of actionable reports that outline how to remediate effectively.

The team gathers data about, analyzes, quantifies, and prioritizes all known vulnerabilities that pose a risk to the Department. The team leverages an objective, quantitative method for ranking vulnerabilities that incorporates threat information from CTAD and other sources, vulnerability exposure data from the Department’s multiple scanning tools, and exploitability data based on internal information feeds. This analysis prioritizes and details actions that stakeholders need to take to remediate the vulnerabilities in the short and long term. The program also supports the Department’s Authorization and Accreditation (A&A) process by conducting third-party, independent system assessments and providing technical guidance during the remediation of findings.

Location: Rosslyn, VA

*A TS security clearance is required.

Job Description:

Performs the functions of an Information Systems Security Manager/Security Officer (ISSM/ISSO). Implement the required government policy (i.e., NISPOM, DCID 6-3), make recommendations on process tailoring, participate in and document process activities. Establishes strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems. Includes support of process, analysis, coordination, security certification test, security documentation, as well as investigations, software research, hardware introduction and release, emerging technology research, inspections and periodic audits. Ensure the assessments of systems and networks within the networking environment or enclave are completed and report those systems and networks that deviate from acceptable configurations, enclave policy, or local policy. This is achieved through passive evaluations such as compliance audits and active evaluations such as vulnerability assessments. Ensure the analyses to validate established security requirements and to recommend additional security requirements and safeguards are performed. Support the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results and preparation of required reports. Ensure the results of Certification and Accreditation activities and technical or coordination activity are documented, the system Security Plans are completed, and the Plan of Actions and Milestones (POA&M) is created and maintained for all applications. Ensure a complete review of each system's audits is conducted periodically and corrective actions are closed.

Responsibilities:

  • Maintain, improve, and leverage an objective, quantitative risk assessment model

  • Maintain a consolidated vulnerability list that includes new and existing vulnerabilities and ranks them quantitatively in terms of risk

  • Conduct briefings on vulnerabilities and current risk exposure and provide remediation recommendations

  • Provide technical assistance related to Department system assessments supporting Authorization and Accreditation process

  • Coordinate with all relevant personnel to obtain pertinent vulnerability information and findings concerning network security

  • Coordinate directly with system owners, administrators, and security officers regarding the mitigation of identified vulnerabilities to include penetration test findings

  • Stay abreast of all current and new vulnerabilities and which cyber actors have exploited them

  • Map findings to NIST Special Publication 800-53 security controls; coordinate with Department stakeholders on ensuring findings are input as plans of actions and milestones

Required Skills:

  • Experience with Vulnerability Scanning tools: implementing, maintaining, configuring scans, reporting

  • Experience with SIEM tools (such as NetWitness, Splunk, SumoLogic, QRadar, etc.)

  • SIEM content Analysis, Development and Testing

  • Experience with EDR solutions (Carbon Black, Crowdstrike, FireEye, SentinelOne)

  • Familiarity with packet analysis: HTTP Headers & Status codes, SMTP Traffic & Status codes, FTP Traffic & Status Codes

  • Current experience with network intrusion detection and response operations (Protect, Defend, Respond and Sustain methodology)

  • Experience in the detection, response, mitigation, and/or reporting of cyber threats affecting client networks and one or more of the following:

  • Experience in computer intrusion analysis and incident response

  • Working knowledge of Intrusion detection/protection systems

  • Knowledge and understanding of network devices, multiple operating systems, and secure architectures

  • Working knowledge of network protocols and common services

  • System log analysis

  • Experience responding to and resolving situations caused by network attacks

  • Ability to assess information of network threats such as scans, computer viruses or complex attacks

  • Knowledge of and practical experience of integration of COTS or open source tools

  • Personality traits: Naturally curious and inquisitive nature; persistent and determined; loves solving problems and puzzles; analytically rigorous; uncompromising integrity

  • Willing to work rotating shifts

Required Certifications such as:

  • Certified Information Systems Security Professional (CISSP)

  • GIAC Certified Incident Handler (GCIH)

  • GIAC Network Forensic Analyst (GNFA)

  • GIAC Intrusion Analyst (GCIA)

  • GIAC Penetration Tester (GPEN)

  • Certified Penetration Tester (CPT)

  • Certified Expert Penetration Tester (CEPT)

  • Licensed Penetration Tester (LPT) Certification

  • Offensive Security Certified Professional (OSCP)

Desired Skills:

  • Experience with RSA Netwitness, Splunk, FireEye NX, EX, HX, AX, Carbon Black Response, RSA Archer

  • Experience with firewalls, routers or antivirus appliances

  • Experience working on a 24x7x365 watch desk environment

  • Experience with industry standard help desk tools

  • Working knowledge of WAN/LAN concepts and technologies

  • Prior experience working in any of the following: Security Operations Center (SOC), Network Operations Center (NOC), Computer Incident Response Team (CIRT)

Certifications (desired): Possess 1+ relevant professional designation or related advanced IT certification, including but not limited to the following:

  • GIAC Certified Enterprise Defender (GCED)

  • GIAC Security Expert (GSE)

  • Certified Information Security Manager (CISM)

  • Certified Ethical Hacker (CEH)

  • Education: BS Degree with major in Computer Science/Electrical Engineering, Engineering, Science or related field. Must have a minimum of 5 years’ experience or equivalent education and experience.

  • Candidates must have an active TS clearance and the ability to attain a TS/SCI clearance

  • Occasional travel within CONUS and OCONUS

Due to a customer requirement, as a condition of employment for this position, the successful candidate will be required to obtain and provide proof of COVID-19 vaccination prior to commencing employment or submit to regular COVID testing.

185784

Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, age, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.