Lead Threat Intelligence Analyst 106369BR

  • Raytheon
  • Merrifield, Virginia, United States
  • 01/29/2018

Job Description

Raytheon Blackbird Technologies is looking for an individual who will join the security team of a major nationwide organization, with thousands of sites, to continually improve its complex multi-protocol nationwide network. A specialist in cyber threat intelligence analysis is needed to support the customer team. The ideal candidate for this job will be an experienced information security practitioner who is goal-oriented and strives to exceed expectations.

Responsibilities will include:
  • Function as a subject matter expert on security threat streams and delivering all-source intelligence productions and analytical assessments.
  • Gather, analyze produce and disseminate intelligence information and products as tasked.
  • Produce briefings/presentations and presents information to clients, internal stakeholders and/or leadership.
  • The analyst leads TI activities as a customer surrogate in support of enterprise-level cyber security incidents, provides situational awareness to appropriate personnel through clear and concise communications, and promotes a proactive response to possible threats by staying current with, analyzing, and identifying mitigations for emerging threats to the customer’s IT infrastructure.
  • The analyst is responsible for coordinating, refining and executing security threat intelligence analysis and production in a fast-paced and dynamic environment
  • Works closely with cyber intelligence analysts, digital forensics investigators, malware engineers, Cyber Security Operations Center (CSOC) analysts, and customer leadership affected by cyber security events. The analyst must exhibit the ability to effectively coordinate and manage TI content production, personnel support, and executive-level communications. A successful track record of project management experience is desirable.
  • Focusing on enterprise-level TI, responsibilities entail developing and operationalizing TI in support of CSOC investigations of suspected intrusions, pro-active management of enterprise information security resources, and the technical evaluation of enterprise networks, systems, and applications against the cyber threat and associated risk of cyber-attack.
  • The individual will regularly engage with internal and external stakeholders to define intelligence requirements and develop innovative solutions that solve specified problems. The individual will support development of intelligence production standards and for seeking improvements in intelligence methodologies used for creating new solutions and analytical models.
Required Skills:
  • The position requires U.S. Person status or a Non-U.S. Person be eligible to obtain Authorization.
  • Must be eligible to obtain a sensitive clearance – Position of Public Trust – and may be required to obtain a higher security clearance
  • 6+ years of relevant work experience and a Bachelor's degree
  • The Lead Threat Intelligence Analyst must possess Technical Expertise in one or more of the following areas: Network Security, Systems Security, Applications Security, Mobile Security;
  • Experience building, managing, and performing daily analytic tasks within Threat Intelligence (TI), Security Operations Centers (SOC), Cyber Security Operations Centers (CSOC), and Cyber Incident Response Teams (CIRT);
  • A clear knowledge of TI processes from a practitioner’s perspective;
  • An understanding of how to effectively lead teams within fast paced, ever-changing cyber operations environments;
  • A forward thinking view of how TI processes and systems integrate across a CSOC organization to drive cyber operations by providing situational awareness of, and enabling active defense against cyber threats;
  • Expert knowledge of threat hunting practices, including threat modeling and content development for analysis and presentation through Splunk;
  • A service-first work ethic, focused on ensuring customer success;
  • A mentor leadership style, focused on the continual development and growth of junior analysts;
  • Self-driven and fully accountable for independent effort performed as part of a geographically dispersed team;
  • Excellent communication and presentation skills, with demonstrated ability to effectively present analytical data to a variety of technical and non-technical audiences;
  • Demonstrated ability to establish well-defined procedures and appropriate network mitigations strategies derived from post incident analysis and lessons learned;
  • Able to lead teams developing and operationalizing TI, consisting technical personnel directly supporting incident response, system owners, and executives.
  • Solid understanding of information security concepts, tools, and techniques;
  • Advanced knowledge of networking concepts and web technologies;
  • Advanced knowledge of Windows, UNIX / Linux, and OS X operating systems.
  • Ability and willingness to share on-call responsibilities, work non-standard hours, and travel (up to 50%) when required;

Desired Skills:
  • Working knowledge of Computer Network Exploitation (CNE), Computer Network Attack (CNA) and Computer Network Defense (CND) tools and techniques;
  • Experience as a mid-to-senior level intelligence analyst, regardless of intelligence domain;
  • A deep understanding of advanced cyber threats targeting enterprises, along with the tools, tactics, and procedures used by those threats;
  • Experience performing system, network, application, and malicious code analysis;
  • Experience applying threat and data modeling, advanced data correlation, and statistical analysis to develop alerts, notable events, investigative dashboards, and metrics driven reports in Splunk;
  • Track record of technical publication and presentation of information security topics;
  • C|EH, GCIH, CISSP or equivalent certification.

Required Education:

B.S./B.A. in Engineering, Science, or Mathematics or a MS/MA in Engineering, Science or Mathematics or a PhD in Engineering, Science or Mathematics. Additional years of experience may be considered in lieu of degree. 106369

Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.

Cyber, Security, Information and Knowledge Systems, Technical, All, Warfighter Support Services Raytheon Intelligence, Information and Services delivers innovative technology to make the world a safer place. Our expertise in cyber, analytics and automation allow us to reach beyond what others think is possible to underpin national security and give our global customers unique solutions to solve the most pressing modern challenges -- from the cyber domain to automated operations, and from intelligent transportation solutions to creating clear insight from large volumes of data. IIS operates at nearly 550 sites in 80 countries, and is headquartered in Dulles, Virginia. The business area generated approximately $6 billion in 2016 revenues. As a global business, our leaders must have the ability to understand, embrace and operate in a multicultural world -- in the marketplace and the workplace. We strive to hire people who reflect our communities and embrace diversity and inclusion to advance our culture, develop our employees, and grow our business. JBRaytheon ICJBMeta // SKINTIA