Principal Cyber Threat Analyst
- Military veterans preferred
2019-08-01 Raytheon (www.raytheon.com)
Dulles Virginia United States
At Raytheon Cyber Solutions (RCS), we pride ourselves on having the most highly-skilled Security Analysts in the industry. Regardless of technology or process specialization, every Engineer is trained in the fundamentals of network engineering & security, security tool configuration, investigative process, and incident response, and he or she must demonstrate mastery of these concepts on a daily basis. Our Engineers learn and do more in one year than most do in five.
*This is a remote position; however, you must be willing to work nights/weekends (as needed).
Support and maintain SIEM deployments in support of optimization, usability and effective environment visibility
Engineering, administration, maintenance of Splunk deployments
Support new client on-boarding
Participate in activation calls and meetings
Review SIEM configurations for compliance with Raytheon Cyber Services (RCS) and industry best practices
Develop, maintain, and enhance practice documentation and tools, including methodologies, standard operating procedures, reporting templates, and sales collateral
Develop and organize standard toolkits and tool development repositories, and custom content
Ensure system security needs are established and maintained for various objects/matters
Integrate new architectural features into existing infrastructures, design cyber security architectural artifacts, provide architectural analysis of cyber security features, and relate existing systems to future needs and trends
Must have a minimum of 8 years professional experience
1+ year direct professional experience with engineering and supporting Splunk deployments
Ability to evaluate a Splunk deployment to identify flaws and key areas for improvement in an effort to maintain an optimal SIEM operating environment
Advanced experience in networking protocols, endpoint and network security mechanisms, system administration, and security event collection techniques
1+ year professional experience writing SIEM content
Advanced information security knowledge in 2 or more areas such as end-point security products, proxy/gateway technologies, DLP, IDS
Knowledge and experience with Linux operating system
Experience with regular expressions
Experience diagnosing and troubleshooting issues to resolution
Willingness to learn new technologies and tools
Experience with configuration of syslog implementations such as rsyslog or syslog-ng
Intermediate experience with one or more of the following: RSA NetWitness, QRadar, ArcSight, LogRhythm, SumoLogic
Experience with infrastructure components such as proxies, firewalls, IDS/IPS, DLP etc.
Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.