At Raytheon Cyber Solutions (RCS), we pride ourselves on having the most highly-skilled Security Analysts in the industry. Regardless of technology or process specialization, every Engineer is trained in the fundamentals of network engineering & security, security tool configuration, investigative process, and incident response, and he or she must demonstrate mastery of these concepts on a daily basis. Our Engineers learn and do more in one year than most do in five.
*This is a remote position, however you must be willing to work nights/weekends (as needed).
Support and maintain SIEM deployments in support of optimization, usability and effective environment visibility
- Engineering, administration, maintenance of Splunk deployments
- Support new client on-boarding
- Participate in activation calls and meetings
- Review SIEM configurations for compliance with Raytheon Cyber Services (RCS) and industry best practices
- Develop, maintain, and enhance practice documentation and tools, including methodologies, standard operating procedures, reporting templates, and sales collateral
- Develop and organize standard toolkits and tool development repositories, and custom content
- Ensures system security needs are established and maintained for various objects/matters
- Integrates new architectural features into existing infrastructures, design cyber security architectural artifacts, provide architectural analysis of cyber security features and relate existing system to future needs and trends
- Must have a minimum of 8 years professional experience
- 1+ year direct professional experience with engineering and supporting Splunk deployments
- Ability to evaluate Splunk deployment to identify flaws and key areas for improvement in effort to maintain an optimal SIEM operating environment
- Advanced experience in networking protocols, endpoint and network security mechanisms, system administration, and security event collection techniques
- 1+ year professional experience writing SIEM content
- Advanced information security knowledge in 2 or more areas such as end-point security products, proxy/gateway technologies, DLP, IDS
- Knowledge and experience with Linux operating system
- Experience with regular expressions
- Experience diagnosing and troubleshooting issues to resolution
- Willingness to learn new technologies and tools
- Experience with configuration of syslog implementations such as rsyslog or syslog-ng
- Intermediate experience with one or more of the following: RSA NetWitness, Qradar, ArcSight, LogRhythm, SumoLogic
- Experience with infrastructure components such as proxies, firewalls, IDS/IPS, DLP etc.
Splunk Certified Architect, Security+, Network+, A+, CCNA, CCNP, CCSA, CCSE, GIAC
Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, age, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.