Lead Threat Intelligence Analyst (95074BR)

  • Raytheon
  • Herndon, Virginia, United States
  • 02/19/2018

Job Description

Job Description:Raytheon Blackbird Technologies is looking for an individual who will join the security team of a major nationwide organization, with thousands of sites, to continually improve its complex multi-protocol nationwide network.A specialist in cyber threat intelligence analysis is needed to support the customer team. The ideal candidate for this job will be an experienced information security practitioner who is goal-oriented and strives to exceed expectations.

Responsibilities will include:

  • The analyst leads TI activities as a customer surrogate in support of enterprise-level cyber security incidents, provides situational awareness to appropriate personnel through clear and concise communications, and promotes a proactive response to possible threats by staying current with, analyzing, and identifying mitigations for emerging threats to the customer’s IT infrastructure. Experience developing and implementing IDS / IPS signatures and URL / IP blocks is desirable.
  • In order to accomplish these tasks, the analyst works closely with cyber intelligence analysts, digital forensics investigators, malicious code reverse engineers, Cyber Security Operations Center (CSOC) analysts, and customer leadership affected by cyber security events. The analyst must exhibit the ability to effectively coordinate and manage TI production, personnel support, and executive-level communications. A successful track record of project management experience is desirable.
  • Focusing on enterprise-level TI, responsibilities entail developing and operationalizing TI in support of CSOC investigations of suspected intrusions, pro-active management of enterprise information security resources, and the technical evaluation of enterprise networks, systems, and applications against the cyber threat and associated risk of cyber-attack.

    Candidates may be considered for this role in the E04 or E05 level.

Required Skills:

  • Must be eligible to obtain a sensitive clearance – Position of Public Trust – and may be required to obtain a higher security clearance
  • 6+ years of relevant work experience and a Bachelor's degree
The Lead Threat Intelligence Analyst must possess Technical Expertise in one or more of the following areas: Network Security, Systems Security, Applications Security, Mobile Security; Experience building, managing, and performing daily analytic tasks within Threat Intelligence (TI), Security Operations Centers (SOC), Cyber Security Operations Centers (CSOC), and Cyber Incident Response Teams (CIRT); A clear knowledge of TI processes from a practitioner’s perspective; An understanding of how to effectively lead teams within fast paced, every changing cyber operations environments; A forward thinking view of how TI processes and systems integrate across a CSOC organization to drive cyber operations by providing situational awareness of, and enabling active defense against cyber threats; Expert knowledge of threat hunting practices, including threat modeling and content development for analysis and presentation through Splunk; A service-first work ethic, focused on ensuring customer success; A mentor leadership style, focused on the continual development and growth of junior analysts; Self-driven and fully accountable for independent effort performed as part of a geographically dispersed team; Excellent communication and presentation skills, with demonstrated ability to effectively present analytical data to a variety of technical and non-technical audiences; Demonstrated ability to establish well-defined procedures and appropriate network mitigations strategies derived from post incident analysis and lessons learned; Able to lead teams developing and operationalizing TI, consisting technical personnel directly supporting incident response, system owners, and executives. Solid understanding of information security concepts, tools, and techniques; Advanced knowledge of networking concepts and web technologies; Advanced knowledge of Windows, UNIX / Linux, and OS X operating systems. Ability and willingness to share on-call responsibilities, work non-standard hours, and travel (up to 50%) when required; Ability to obtain a U.S. Government Public Trust Clearance.

Desired Skills:

  • Working knowledge of Computer Network Exploitation (CNE), Computer Network Attack (CNA) and Computer Network Defense (CND) tools and techniques;
  • Experience as a mid-to-senior level intelligence analyst, regardless of intelligence domain;
  • A deep understanding of advanced cyber threats targeting enterprises, along with the tools, tactics, and procedures used by those threats;
  • Experience performing system, network, application, and malicious code analysis;
  • Experience applying threat and data modeling, advanced data correlation, and statistical analysis to develop alerts, notable events, investigative dashboards, and metrics driven reports in Splunk;
  • Track record of technical publication and presentation of information security topics;
  • C|EH, GCIH, CISSP or equivalent certification.

Required Education:

B.S./B.A. in Engineering, Science, or Mathematics or a MS/MA in Engineering, Science or Mathematics or a PhD in Engineering, Science or Mathematics. Additional years of experience may be considered in lieu of degree.


Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.

Raytheon Intelligence, Information and Services delivers innovative technology to make the world a safer place. Our expertise in cyber, analytics and automation allow us to reach beyond what others think is possible to underpin national security and give our global customers unique solutions to solve the most pressing modern challenges -- from the cyber domain to automated operations, and from intelligent transportation solutions to creating clear insight from large volumes of data. IIS operates at nearly 550 sites in 80 countries, and is headquartered in Dulles, Virginia. The business area generated approximately $6 billion in 2016 revenues. As a global business, our leaders must have the ability to understand, embrace and operate in a multicultural world -- in the marketplace and the workplace. We strive to hire people who reflect our communities and embrace diversity and inclusion to advance our culture, develop our employees, and grow our business. Security Clearance: Public Trust Current Relocation Eligible: No Cyber, Information and Knowledge Systems, Warfighter Support Services, All JBRaytheon ICJBMeta