Principal Cyber Threat Analyst - Military veterans preferred

Raytheon

full-time employee

United States

At Raytheon Cyber Solutions (RCS), we pride ourselves on having the most highly-skilled Security Analysts in the industry. Regardless of technology or process specialization, every Engineer is trained in the fundamentals of network engineering & security, security tool configuration, investigative process, and incident response, and he or she must demonstrate mastery of these concepts on a daily basis. Our Engineers learn and do more in one year than most do in five.

*This is a remote position; however, you must be willing to work nights/weekends (as needed).


Support and maintain SIEM deployments in support of optimization, usability and effective environment visibility

  • Engineering, administration, and maintenance of Splunk deployments
  • Support new client on-boarding
  • Participate in activation calls and meetings
  • Review SIEM configurations for compliance with Raytheon Cyber Services (RCS) and industry best practices
  • Develop, maintain, and enhance practice documentation and tools, including methodologies, standard operating procedures, reporting templates, and sales collateral
  • Develop and organize standard toolkits and tool development repositories, and custom content
  • Ensure system security needs are established and maintained for various objects/matters
  • Integrate new architectural features into existing infrastructures, design cyber security architectural artifacts, provide architectural analysis of cyber security features, and relate existing systems to future needs and trends

Required Skills:

  • Must have a minimum of 8 years professional experience
  • 1+ year direct professional experience with engineering and supporting Splunk deployments
  • Ability to evaluate a Splunk deployment to identify flaws and key areas for improvement in an effort to maintain an optimal SIEM operating environment
  • Advanced experience in networking protocols, endpoint and network security mechanisms, system administration, and security event collection techniques
  • 1+ year professional experience writing SIEM content
  • Advanced information security knowledge in 2 or more areas such as end-point security products, proxy/gateway technologies, DLP, IDS
  • Knowledge of and experience with the Linux operating system
  • Experience with regular expressions
  • Experience diagnosing and troubleshooting issues to resolution
  • Willingness to learn new technologies and tools

Desired Skills:

  • Experience with configuration of syslog implementations such as rsyslog or syslog-ng
  • Intermediate experience with one or more of the following: RSA NetWitness, QRadar, ArcSight, LogRhythm, Sumo Logic
  • Experience with infrastructure components such as proxies, firewalls, IDS/IPS, DLP, etc.

Desired Certifications:
Splunk Certified Architect, Security+, Network+, A+, CCNA, CCNP, CCSA, CCSE, GIAC



Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.