Date Posted:
2022-10-13
Country:
United States of America
Location:
NC607: Aerial Ctr 6001 HospitalityCrt 6001 Hospitality Court Aerial Center, Morrisville, NC, 27560 USA
Position Role Type:
Hybrid
At Raytheon, the foundation of everything we do is rooted in our values and a higher calling – to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today’s mission and stay ahead of tomorrow’s threat. Our team solves tough, meaningful problems that create a safer, more secure world.
This position is CONTINGENT upon funding, an open position, customer approval, completion of a favorable background investigation, and the ability to obtain and maintain our customer's sensitive clearance.
An experienced Incident Response Specialist (T3) is needed with experience in Security Operations Centers (SOC), Cyber Security Operations Centers (CSOC), and Cyber Incident Response Team (CIRT).
Location: Morrisville, North Carolina
Job responsibilities:
Identification of Cybersecurity problems which may require mitigating controls
Analyze network traffic to identify exploit or intrusion related attempts
Recommend detection mechanisms for exploit and or intrusion related attempts
Provide subject matter expertise on network-based attacks, network traffic analysis, and intrusion methodologies
Escalate items which require further investigation to other members of the Threat Management team
Execute operational processes in support of response efforts to identified security incidents
Participates in a team of Security operations engineers investigating alerts, anomalies, errors, intrusions, malware, etc. to identify the responsible, determine remediation, and recommend security improvements
Follows precise analytical paths to determine the nature and extent of problems being reported by tools, e-mails, etc.
Follows strict guidance on reporting requirements
Keeps management informed with precise, unvarnished information about security posture and events
Promotes standards-based workflow both internally and in coordinating with US-CERT
Engages with other internal and external parties to get and share information to improve processes and security posture
Supervises and guide team efforts
Communicates to CISO leadership
Produces design documentation
Leads analyzing/investigating reports or anomalies
Requirements:
*Must be eligible to obtain a sensitive clearance – Position of Public Trust – and may be required to obtain a higher security clearance
Must have 8+ years of relevant work experience and a Bachelor's degree
Must have experience in:
Endpoint Detection and analysis
Sysmon log analysis
Forensic malware analysis
IT security
Network traffic analysis
Strong working knowledge of:
Boolean Logic
TCP/IP Fundamentals
Network Level Exploits
Threat Management
Regular Expressions
Knowledge of Control Frameworks and Risk Management techniques
Excellent oral and written communication skills
Excellent interpersonal and organizational skills
Strong understanding of IDS/IPS technologies, trends, vendors, processes and methodologies
Strong understanding of common IDS/IPS architectures and implementations
Strong understanding of IDS/IPS signatures, content creation and signature characteristics including both signature and anomaly-based analysis and detection
The ability to obtain and maintain a U.S. government issued security clearance is required. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance.
Desired Skills:
- Splunk experience, developing queries, data models, and dashboards
- Cloud monitoring experience is a plus
- Excellent writing skills
Should have experience with the following:
Able to handle escalated tickets from Tier 2
Perform Technical advice, Media Forensics, Malware Analysis
Forensic Lab maintenance
Assist Tier 1 & 2 Analysts
Threat Hunting IOC development assistance to Threat Intelligence Unit
Peer Review of Tier 2 tickets
Special Projects as our customer needs
SOP development and reviews of existing SOPs
Workflow refinements as needed
EnCase certified forensic examiner sought.
Required Education:
Bachelor of Science Degree with a major in Computer Science/Computer Engineering, Engineering, Science or a related field. Two years of related work experience may be substituted for each year of degree-level education.
Certifications (one or more desired):
DOD 8570.1-M Compliance at IAT Level II; CISSP, Certified Ethical Hacker (C|EH), Sec+, SFCP, GCIA, ISSEP, ISSMP, GCIH, GCFA, CSLC, CISM, or CCNA
Requires advanced to expert knowledge of work area typically obtained through advanced education combined with experience. May have broad knowledge of project management. Requires substantial knowledge of RTX projects, programs or systems in order to provide enhancements within job area. Typically requires: A University Degree or equivalent experience and minimum 8 years prior relevant experience, or An Advanced Degree in a related field and minimum 5 years experience
Engineering/Other Technical Positions: Typically requires a degree in Science, Technology, Engineering or Mathematics (STEM) and a
minimum of 8 years of prior relevant experience unless prohibited by local laws/regulations.
This requisition is eligible for an employee referral award. ALL eligibility requirements must be met to receive the referral award.
Morrisville, NC
Relocation Eligible: No
Sign On Bonus Eligible: No
#RISCyber
#RISCPS
#RISMERCURY
RTX is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.
Privacy Policy and Terms:
Click on this link to read the Policy and Terms