Raytheon Technologies Mgr, Cyber Defense in United States
Raytheon Technologies Cyber Operations Engineering has an opening for a Principal Cyber Operations Engineer to join our Enterprise Cybersecurity organization.
As a member of Cyber Operations Engineering, you will be part of a team of security engineers with extensive technical experience in enterprise data networks, systems engineering and architecture, security monitoring, capacity planning, and troubleshooting. The team’s primary mission is to support our cyber SOC and incident response teams by delivering and operating critical network threat detection and forensics. The services include IDS/IPS, SIEM, case management, packet capture, and others.
Perform advanced network analysis, problem identification and solution design.
Maintain network security systems with focus on IDS/IPS, SIEM integration, network traffic analysis, log search, packet capture and incident tracking.
Perform routine system administration and maintenance on local or remote devices.
Ensure documentation is kept current for supported systems.
Interface with supplier representatives to resolve issues and evaluate security products.
Proactively analyze, troubleshoot, and resolve network security issues.
Perform system installations, upgrades, training, monitoring and analysis.
Work closely with network engineering team to implement cyber monitoring solutions.
Handle day-to-day network related incidents as Tier 3 subject matter expert.
Monitor system performance and implement performance tuning.
Lead projects to introduce new cyber monitoring capabilities, and upgrade/replace existing ones.
Required Skills & Experience:
Minimum 8 years of experience in IT or Engineering
Minimum 2 years of professional experience designing, administering, and securing Linux based systems
Demonstrated experience in at least 2 of the following domains:
Security Incident and Event Monitoring systems, e.g. Splunk ES, QRadar, etc.
“Big Data” Analysis systems, e.g. Splunk, ELK, etc.
Intrusion Detection/Prevention Systems, e.g. Cisco Firesight, Snort, etc.
Full Packet Capture / Network Forensics systems
Virtualization technologies, e.g. VMWare, HyperV, etc.
Automation and IaC tooling, e.g. Ansible, Terraform, etc.
Scripting in Python or Perl
Cloud technologies, e.g. AWS, Microsoft Azure
TCP/IP networking, e.g. switches, routers, and firewalls
Excellent written and oral communication skills
Advanced troubleshooting skills
This position requires the eligibility to obtain a U.S. security clearance. Except in rare circumstances, only U.S. citizens are eligible for a security clearance.
This position requires either a U.S. Person or a Non-U.S. Person who is eligible to obtain any required Export Authorization.
Desired Skills & Experience:
Demonstrated knowledge of IP networking and network architecture/design
Information Security and IT certifications: GIAC, CISSP, Cisco, Red Hat, AWS, etc.
Experience administering cyber security tools such as IDS, SIEM, and PCAP
Ability to write custom alert rules for IDS/IPS and SIEM
Experience with security log analysis.
Experience working on a Computer Incident Response Team (CIRT)
Previous experience working in a Security Operations Center (SOC)
Netflow and/or packet analysis experience
Bachelor’s degree in Information Technology, Computer Science, Computer Engineering, Cyber, Mathematics or related discipline or equivalent combination of work experience and schooling/certifications in lieu of degree. 183440
Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, age, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.