Sr. Threat Analyst - Military veterans preferred

2019-04-13
Raytheon (www.raytheon.com)
Other

full-time employee


Dulles
Virginia
United States

The Global Business Services (GBS) Intelligence and Response team, under the Cyber Threat Operations team, is hiring a threat analyst. The position requires experience in incident handling/response and/or intelligence analysis. This position involves Tier II type response activities.

Incident Handling and Response: The Threat Analyst leads response activities for Enterprise-level cyber security incidents, provides situational awareness to appropriate personnel through clear and concise communications, and promotes a proactive response to possible threats by staying current with, analyzing, and identifying mitigations for emerging threats to Raytheon’s IT infrastructure.

Intelligence Analysis: The Threat Analyst works to proactively classify and group attacks and attackers based on TTPs, and to learn and proactively implement new threat protections based on intelligence research.

Job Description:


  • Advanced Persistent Threat type of activity and attackers; provide support for detection, response, mitigation, and reporting of cyber threats affecting client networks
  • Maintain an understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security operations
  • Produce reports and briefs to provide an accurate depiction of the current threat landscape and associated risk; accomplish this through the use of customer, community, and open source reporting
  • Provide analysis for correlated information sources
  • Assist in the education of staff on cyber threats
  • Liaise with other groups within IT Security and the business units
  • Maintain proficiency in the use and production of visualization charts, link analysis diagrams, and database queries
  • Analyze and report cyber threats as well as assist in deterring, identifying, monitoring, investigating and analyzing computer network intrusions

Required Skills:


  • Minimum 4+ years’ experience and Bachelor's degree or equivalent work experience in Incident handling/response and/or Intelligence analysis and a combination of education and certifications in lieu of degree
  • Working knowledge of networking concepts and web technologies
  • Working knowledge of some or all WAN/LAN concepts and technologies
  • Working knowledge of Linux/Unix, including scripting, and basic system administration
    · Knowledge of signature development
    · IDS/IPS Signature Analysis, Development and Testing
    · SIEM content Analysis, Development and Testing
  • Familiarity with packet analysis to include:
    · HTTP Headers & Status codes
    · SMTP Traffic & Status codes
    · FTP Traffic & Status Codes
    · DNS Queries
    · PKI Certificate Exchange

  • Current experience with cyber threats and their associated tactics, techniques, and procedures
  • Ability to assess information of network threats such as scans, computer viruses or complex attacks
  • Experience in the detection, response, mitigation, and/or reporting of cyber threats affecting client networks and one or more of the following:
    · Computer intrusion analysis and incident response
    · Intrusion detection
    · Knowledge and understanding of network devices, multiple operating systems, and secure architectures
    · Working knowledge of network protocols and common services such as DNS, FTP, email, TCP/ICMP/UDP
    · System log analysis

  • Ability and willingness to share on-call responsibilities, work non-standard hours, and travel (up to 25%) when required
  • This position requires the eligibility to obtain a security clearance. Except in rare circumstances, only U.S. citizens are eligible for a security clearance

    This position requires either a U.S. Person or a Non-U.S. Person who is eligible to obtain any required Export Authorization

Desired Skills:

  • Programming or scripting experience in any of the following: Perl, Python, VBScript
  • Knowledge in OSINT / Social Media analysis
  • Develops and implements IDS / IPS signatures and URL / IP blocks


Desired Certifications:
- GIAC Certified Incident Handler (GCIH) or
- Certified Information Systems Security Professional (CISSP) or
- GIAC Certified Intrusion Analyst (GCIA) or
- GIAC Network Forensic Analyst (GNFA) or
- GIAC Reverse Engineering Malware (GREM) or
- Certified Ethical Hacker (CEH)

Required Education:
Bachelor's degree in Cyber, Computer Science, Computer Engineering, Information Technology, Mathematics or related discipline or equivalent combination of work experience and schooling/certifications in lieu of degree.

138119

Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.