Cyber Threat Intelligence Analyst
- Military veterans preferred
2019-07-15 Raytheon (www.raytheon.com)
Morrisville North Carolina United States
Raytheon Blackbird Technologies is looking for an individual who will join the security team of a major nationwide organization, with thousands of sites, to continually improve its complex multi-protocol nationwide network.
A specialist in cyber threat intelligence analysis is needed to support the customer team. The ideal candidate for this job will be an experienced information security practitioner, and someone who can manage multiple efforts while meeting timelines efficiently.
This role would be located in Morrisville, NC (outside Raleigh).
Job Responsibilities will include:
Provides insights to other team members on nuances of networking technologies, architectures, and network traffic analysis to support other analysts who do not have networking experience.
Develops models for identifying incident-type activity, of malware or bad actors, using statistical analysis
Develop dashboards to assist in automation and awareness for incident response
Reviews incident logs/records mining for patterns
Researches Internet sources and threat intelligence databases to try and find evidence in customer logs
Explores patterns in network and system activity through log correlation using Splunk and other tools
Investigates evidence of threats against Windows, Linux, Database, Applications, web servers, firewalls or other relevant technologies
Ingest IOC’s to assess impact to organization
Share IOC’s with internal and external teams for validation and collaboration.
Guide junior threat analysts.
Provide timely, accurate and relevant intelligence products to the customer to include a variety of intelligence reports, PowerPoint presentations, and various briefings.
Required Experience and Skills:
Must be eligible to obtain a sensitive clearance – Position of Public Trust – and may be required to obtain a higher security clearance
4+ years related experience for G08
6+ years related experience for G09
8+ years related experience for G10
Networking experience, with routing, switching, and analysis experience
Statistical modeling and analysis experience to infer possible cybersecurity threats
Experience in analysis in investigations, such as in IT, law enforcement, military intelligence, or business analytics
Interest in learning about Windows, Linux, Database, Application, Web server, firewall, SIEM etc. log analysis
Verbal/written communication and interpersonal skills to effectively communicate with team-members
Must be highly motivated with the ability to self-start, prioritize, multi-task and work in a team setting
Understanding of intelligence cycle, Cyber Kill Chain, and Diamond Model
Familiarity with common network vulnerability/penetration testing
Experience with, Recorded Future, Tanium, Redseal, Anomali
An understanding of log data for Sourcefire, Brightmail, Blue Coat, and Tipping Point
Experience evaluating systems and network devices and enterprise networks for IA vulnerabilities
Experience evaluating enterprise networks for IA/security vulnerabilities
Splunk query-development expertise
Experience on an Incident Response team performing Tier I/II initial incident triage.
Excellent writing skills
Required Education: Bachelor of Science Degree with a major in Computer Science/Computer Engineering, Engineering, Science or a related field. Two years of related work experience may be substituted for each year of degree-level education.
Desired Certifications: DODI 8570.1-M Compliance at IAT Level II; CISSP, Certified Ethical Hacker (C|EH), SFCP, GCIA, SEC +, SANS
Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.